From owner-svn-src-head@FreeBSD.ORG Fri Jan 11 23:40:37 2013 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 0577C51B for ; Fri, 11 Jan 2013 23:40:37 +0000 (UTC) (envelope-from peter@wemm.org) Received: from mail-vc0-f174.google.com (mail-vc0-f174.google.com [209.85.220.174]) by mx1.freebsd.org (Postfix) with ESMTP id BB81A9AB for ; Fri, 11 Jan 2013 23:40:36 +0000 (UTC) Received: by mail-vc0-f174.google.com with SMTP id d16so1959926vcd.5 for ; Fri, 11 Jan 2013 15:40:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemm.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=nETBgqdnuBgpHfGTSKeV5Gl/QG9lXZbtdbgor+kwn4U=; b=KvfsQwoyJUWZX/Mh6wRv/uzvdKylfy1ot6Op9MwuGdJv9jQmJb8bvyJzY1AR8YJJxY 5q1iZlIiTv9MTYw3o3ZbDUW1IOGhIm8/DOy5A9x36SAhVeJQDOUz4ycHC7fs50kmJJLI 5X2NAD/QMgdvQ3Oe2C5RRyWtl+ydznJso1bA8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=nETBgqdnuBgpHfGTSKeV5Gl/QG9lXZbtdbgor+kwn4U=; b=f8TmSHx/ajxUTp50PW6M3E+F3dHJhM4AdHBWMYGUqq3+OUK+PEbswttMcB5dDs35Ls nfjd7qF6CyEYOTNOIZ9ZvYv1aSVpeM3YipyNgr3b7MnmXQbZsaVdaM8JmbMGyghjuyih 6bjeSC3yzrStVv8/lLXzNV2oF8/1/30DAlIQHFlm//YP9lFn94HgE7sTtv8BBcZFUD5a kjNb2exbuV9hzktkph6Uf26tY2yirG4/Oe8kVuygH2v/0J8uVxUQ1oAOBIoUBG356u3D A5IFr0AGWlcd2brHDC0dq0NtnaAr9xsQFEL3g0hBeo4qZ2/IjiSbRpvaiwjfcI9h3uRP /ZOw== MIME-Version: 1.0 Received: by 10.220.209.74 with SMTP id gf10mr94358970vcb.10.1357947635677; Fri, 11 Jan 2013 15:40:35 -0800 (PST) Received: by 10.221.4.72 with HTTP; Fri, 11 Jan 2013 15:40:35 -0800 (PST) In-Reply-To: References: <201301112308.r0BN8JP4093605@svn.freebsd.org> Date: Fri, 11 Jan 2013 15:40:35 -0800 Message-ID: Subject: Re: svn commit: r245316 - in head: . etc From: Peter Wemm To: Brooks Davis Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQkMIwTvfkFjG6fmAe6j6ziW8B3BDY+1pqBwrY+eb7zUQGwl92rmSLXhZIXGxIjmMltxN/sY Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jan 2013 23:40:37 -0000 On Fri, Jan 11, 2013 at 3:19 PM, Peter Wemm wrote: > On Fri, Jan 11, 2013 at 3:08 PM, Brooks Davis wrote: > >> -IMAKE= ${IMAKEENV} ${MAKE} -f Makefile.inc1 >> +IMAKE= ${IMAKEENV} ${MAKE} -f Makefile.inc1 \ >> + INSTALL="install -N ${.CURDIR}/etc" \ >> + MTREE_CMD="nmtree -N ${.CURDIR}/etc" > > How does this work with worlds with different UID/GID assignments? > Eg: the freebsd.org cluster? > > ${.CURDIR}/etc/master.passwd does not match the installed system. Case in point, the freebsd.org cluster has used postfix before sendmail gained its privilege separation. We had: postfix:*:25:postfix postdrop:*:26: .. long before sendmail added: smmsp:*:25: mailnull:*:26: On an existing machine we have: -r-xr-sr-x 1 root smmsp 719336 Jan 6 15:13 /usr/libexec/sendmail/sendmail But on the freebsd.org machines that have machines dating back to 1998, this change would cause: -r-xr-sr-x 1 root postfix 719336 Jan 6 15:13 /usr/libexec/sendmail/sendmail With a silent change like that, if the admin doesn't notice.. who can tell what would happen? Silently giving sendmail setgid access to another subsystem's gid is.. just POLA violation at every conceivable level and potentially dangerous. These tools from netbsd were meant for cross compiling.. ie: when DESTDIR != /. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV bitcoin:188ZjyYLFJiEheQZw4UtU27e2FMLmuRBUE