Date: Fri, 11 Jan 2013 17:51:43 -0600 From: Brooks Davis <brooks@freebsd.org> To: Peter Wemm <peter@wemm.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, Brooks Davis <brooks@freebsd.org>, src-committers@freebsd.org Subject: Re: svn commit: r245316 - in head: . etc Message-ID: <20130111235143.GA91287@lor.one-eyed-alien.net> In-Reply-To: <CAGE5yCqapA_hG7L9xTPdm4p1jQDUF0NMmExaOgMYActx15_8_Q@mail.gmail.com> References: <201301112308.r0BN8JP4093605@svn.freebsd.org> <CAGE5yCrgJ9qcdYD6RwpGQYtyTQ-FignBHC5W79bo3s7syP-Yvg@mail.gmail.com> <CAGE5yCqapA_hG7L9xTPdm4p1jQDUF0NMmExaOgMYActx15_8_Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--DocE+STaALJfprDB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jan 11, 2013 at 03:40:35PM -0800, Peter Wemm wrote:
> On Fri, Jan 11, 2013 at 3:19 PM, Peter Wemm <peter@wemm.org> wrote:
> > On Fri, Jan 11, 2013 at 3:08 PM, Brooks Davis <brooks@freebsd.org> wrot=
e:
> >
> >> -IMAKE=3D ${IMAKEENV} ${MAKE} -f Makefile.inc1
> >> +IMAKE=3D ${IMAKEENV} ${MAKE} -f Makefile.inc1 \
> >> + INSTALL=3D"install -N ${.CURDIR}/etc" \
> >> + MTREE_CMD=3D"nmtree -N ${.CURDIR}/etc"
> >
> > How does this work with worlds with different UID/GID assignments?
> > Eg: the freebsd.org cluster?
> >
> > ${.CURDIR}/etc/master.passwd does not match the installed system.
>=20
> Case in point, the freebsd.org cluster has used postfix before
> sendmail gained its privilege separation. We had:
> postfix:*:25:postfix
> postdrop:*:26:
> .. long before sendmail added:
> smmsp:*:25:
> mailnull:*:26:
>=20
> On an existing machine we have:
> -r-xr-sr-x 1 root smmsp 719336 Jan 6 15:13 /usr/libexec/sendmail/send=
mail
>=20
> But on the freebsd.org machines that have machines dating back to
> 1998, this change would cause:
> -r-xr-sr-x 1 root postfix 719336 Jan 6 15:13 /usr/libexec/sendmail/se=
ndmail
>=20
> With a silent change like that, if the admin doesn't notice.. who can
> tell what would happen? Silently giving sendmail setgid access to
> another subsystem's gid is.. just POLA violation at every conceivable
> level and potentially dangerous.
>=20
> These tools from netbsd were meant for cross compiling.. ie: when DESTDIR=
!=3D /.
I've reverted this change. In my defense I'd note that NetBSD always
uses -N. If you want non-standard uids and gids there you just end your
source tree.
-- Brooks
--DocE+STaALJfprDB
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (FreeBSD)
iD8DBQFQ8KWPXY6L6fI4GtQRAhEiAJ9ks8D1CY3aur8N9VHLBL3XgUqLfQCgg9SW
qX5aju1Nou7QM5C0EoLpZ1M=
=G/Bb
-----END PGP SIGNATURE-----
--DocE+STaALJfprDB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130111235143.GA91287>