From owner-freebsd-security Sun Nov 17 20:41:39 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA08906 for security-outgoing; Sun, 17 Nov 1996 20:41:39 -0800 (PST) Received: from super-g.inch.com (spork@super-g.com [204.178.32.161]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA08872; Sun, 17 Nov 1996 20:41:14 -0800 (PST) Received: from localhost (spork@localhost) by super-g.inch.com (8.7.6/8.6.9) with SMTP id WAA15352; Sun, 17 Nov 1996 22:39:11 -0500 Date: Sun, 17 Nov 1996 21:39:11 -0600 (CST) From: "S(pork)" X-Sender: spork@super-g.inch.com To: Eric Allman cc: Igor Roshchin , Ollivier Robert , freebsd-security@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: New sendmail bug... In-Reply-To: <199611180342.TAA21895@knecht.Sendmail.ORG> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk But if one does have to run 8.7.6 until they have time to breath, does anyone know if the error that Igor and I are seeing compiling 8.7.6 from -stable can be avoided? I first patched with the 2 line setgid, setuid patch I saw on the list, then I grabbed what was in the current -stable source and got the same error as Igor. It compiled after deleting the line in main.c that I saw in the errors, and it seems to work, but reckless deletion scares me. I wonder what the line was for.... Anyhow, any help is appreciated. Thanks, Charles On Sun, 17 Nov 1996, Eric Allman wrote: > This patch is against 8.8.2, not 8.7.6. You need to upgrade to 8.8; > 8.7.x is no long supported. > > eric > > > ============= In Reply To: =========================================== > : From: igor@alecto.physics.uiuc.edu (Igor Roshchin) > : Subject: Re: New sendmail bug... > : Date: Sun, 17 Nov 1996 21:12:33 -0600 (CST) > > : Hello! > : > : May be I am missing something, > : but I was not able to compile the patched version > : of the sendmail 8.7.6.4, > : as it appears in FreeBSD distribution (sup.freebsd.org). > : > : main.o: Undefined symbol `_vendor_daemon_setup' referenced from text segment > : *** Error code 1 > : > : > : Is it a problem due to the version of FreeBSD ? > : I tried it on 2.1.5-stable and 2.1.5-release; - > : results were the same. > : > : Thanks in advance for your suggestions. > : > : IgoR > : > : > : > > : > ------- main.c ------- > : > *** - Wed Dec 31 16:00:00 1969 > : > --- main.c Sat Nov 16 07:07:17 1996 > : > *************** > : > *** 493,507 **** > : > { > : > case MD_DAEMON: > : > case MD_FGDAEMON: > : > ! # ifdef DAEMON > : > ! if (RealUid != 0) > : > ! { > : > ! usrerr("Permission denied"); > : > ! exit(EX_USAGE); > : > ! } > : > ! vendor_daemon_setup(CurEnv); > : > ! /* fall through ... */ > : > ! # else > : > usrerr("Daemon mode not implemented"); > : > ExitStat = EX_USAGE; > : > break; > : > --- 493,499 ---- > : > { > : > case MD_DAEMON: > : > case MD_FGDAEMON: > : > ! # ifndef DAEMON > : > usrerr("Daemon mode not implemented"); > : > ExitStat = EX_USAGE; > : > break; > : > *************** > : > *** 899,904 **** > : > --- 891,904 ---- > : > /* fall through ... */ > : > > : > case MD_DAEMON: > : > + /* check for permissions */ > : > + if (RealUid != 0) > : > + { > : > + usrerr("Permission denied"); > : > + exit(EX_USAGE); > : > + } > : > + vendor_daemon_setup(CurEnv); > : > + > : > /* remove things that don't make sense in daemon mode */ > : > FullName = NULL; > : > GrabTo = FALSE; > : > *************** > : > *** 1932,1937 **** > : > --- 1932,1946 ---- > : > syslog(LOG_INFO, "restarting %s on signal", SaveArgv[0]); > : > #endif > : > releasesignal(SIGHUP); > : > + if (setuid(RealUid) < 0 || setgid(RealGid) < 0) > : > + { > : > + #ifdef LOG > : > + if (LogLevel > 0) > : > + syslog(LOG_ALERT, "could not set[ug]id(%d, %d): %m", > : > + RealUid, RealGid); > : > + #endif > : > + exit(EX_OSERR); > : > + } > : > execv(SaveArgv[0], (ARGV_T) SaveArgv); > : > #ifdef LOG > : > if (LogLevel > 0) > : > > : > > : > > >