Date: Fri, 30 Apr 1999 10:05:33 -0700 From: Cy Schubert <cschuber@uumail.gov.bc.ca> To: "Pedro J. Lobo" <pjlobo@euitt.upm.es> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Does mail.local need to be setuid-root? Message-ID: <199904301706.KAA00762@passer.osg.gov.bc.ca> In-Reply-To: Your message of "Fri, 30 Apr 1999 15:47:18 %2B0200." <Pine.OSF.4.05.9904301535330.15810-100000@haddock.euitt.upm.es>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.OSF.4.05.9904301535330.15810-100000@haddock.euitt.u
pm.es>, "Pe
dro J. Lobo" writes:
> Hello, people.
> =
> I have a 3.1-RELEASE machine which, among other tasks, acts as a mail a=
nd
> telnet server for out students. Recently I noticed that several users w=
ere
> using more disk space than his quotas should allow (!). After a bit of
> investigation, I have traced down the problem to the mail system.
> =
> The problem is that you cand send mail to a user that is over quota, an=
d
> the system will append the new message to its inbox (located in /var/ma=
il,
> as by default). Indeed, root can append data to a file that belongs to =
a
> user that is over quota.
> =
> As you may see, it is a rather ugly "feature". So, the question is: doe=
s
> /usr/libexec/mail.local need to be setuid root? Or, alternatively, can =
I
> use /usr/bin/mail as the local mailer? I also administer an alpha with
> Tru64 Unix 4.0d and it uses /bin/mail (no setuid/setgid) as the local
> mailer.
The main difference between DU and FreeBSD is:
DU 4.0D:
OSF1 hostname V4.0 878 alpha
drwxrwxrwt 2 root mail 512 Apr 26 00:00 =
/var/spool/mail
lrwxrwxrwx 1 root system 7 Dec 9 14:16 /bin -> =
usr/bin
-rws--x--x 2 root bin 40960 Dec 29 1997 /usr/bin/mail
FreeBSD 3.1R:
FreeBSD hostname 3.1-RELEASE FreeBSD 3.1-RELEASE #0: Thu Apr 8 =
16:05:54 PDT 1999 root@hostname:/opt/usr_src-310/sys/compile/HOS
TNAME i386
drwxrwxr-x 2 root mail 512 Apr 30 09:41 /var/mail
-r-sr-xr-x 1 root wheel 15056 Mar 2 06:53 /usr/libexec/mail.loca
l
Solaris 2.6 (for good measure):
SunOS HOSTNAME 5.6 Generic_105181-12 sun4u sparc SUNW,Ultra-Enterpri
se
drwxrwxrwt 3 root mail 512 Apr 29 23:45 /var/mail
-r-x--s--x 1 bin mail 64376 Jul 15 1997 /bin/mail
You can resolve your issue by making mail.local sgid mail instead =
of suid root. Ownership of individual mail files cannot be set by =
mail.local when its sgid mail, so you will need to create each =
individual user's mail spool file with the proper permissions 660 =
and ownership before they can receive mail. If mail.local is the =
only sgid mail application on your system, using sgid mail =
shouldn't be any less secure (from a privacy point of view) than =
the stock-out-of-the-box setup.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Open Systems Group Internet: Cy.Schubert@uumail.gov.bc.ca
ITSD Cy.Schubert@gems8.gov.bc.ca
Province of BC =
"e**(i*pi)+1=3D0"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904301706.KAA00762>