Date: Mon, 5 May 2003 17:40:16 -0700 (PDT) From: "Scot W. Hetzel" <hetzels@westbend.net> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/51680: security/cyrus-sasl?: Group readable file when sending locally Message-ID: <200305060040.h460eGbi021267@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/51680; it has been noted by GNATS.
From: "Scot W. Hetzel" <hetzels@westbend.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: ume@freebsd.org
Subject: Re: ports/51680: security/cyrus-sasl?: Group readable file when sending locally
Date: Mon, 5 May 2003 19:39:46 -0500 (CDT)
According to Greg Shapiro <gshapiro@gshapiro.net>, pine by default is
using SMTP, and therfore SMTP AUTH if compiled into sendmail. To disable
SMTP AUTH we need to define DAEMON_OPTIONS for the loopback interface.
Apply this patch to both cyrus-sasl ports.
Scot
Index: Sendmail.README
===================================================================
RCS file: /home/ncvs/ports/security/cyrus-sasl/files/Sendmail.README,v
retrieving revision 1.8
diff -u -r1.8 Sendmail.README
--- Sendmail.README 5 Oct 2002 19:38:18 -0000 1.8
+++ Sendmail.README 5 May 2003 23:01:08 -0000
@@ -41,6 +41,17 @@
dnl Use the following for Sendmail 8.10 - 8.11
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
+5) Add the following before FEATURE(msp) in your sendmail 8.12 submit.mc file:
+
+ DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=EA')dnl
+
+ This disables SMTP AUTH on the loopback interface. Otherwise you may get
+ the following error in the log:
+
+ error: safesasl(/usr/local/etc/sasldb) failed: Group readable file
+
+ when sending mail locally (seen when using pine locally on same server).
+
----
Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305060040.h460eGbi021267>