Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 27 Sep 2002 12:34:21 -0400
From:      "Dan Langille" <dan@langille.org>
To:        Matthew Seaman <m.seaman@infracaninophile.co.uk>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: sendmail: File descriptors missing on startup: stderr; Bad file descriptor
Message-ID:  <3D94504D.7219.709D8853@localhost>
In-Reply-To: <20020927163141.GA16132@happy-idiot-talk.infracaninophi>
References:  <3D941EE0.5166.6FDC7551@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 27 Sep 2002 at 17:31, Matthew Seaman wrote:

> On Fri, Sep 27, 2002 at 09:03:28AM -0400, Dan Langille wrote:
> > I keep seeing this in /var/log/maillog but do not know the cause:
> > 
> >    sendmail[42390]: File descriptors missing on startup: stderr; Bad
> >                  file descriptor
> > 
> > I'm on FreeBSD 4.6-STABLE #0: Thu Sep 26 09:02:16 EDT 2002 with
> > sendmail 8.12.5
> > 
> > Any ideas on cause/fix?
> 
> What command line are you using to start sendmail? That error message
> suggests that the stderr file descriptor, which sendmail inherits from
> the shell where it is started, is bogus.  The kernel will sanity check
> the standard descriptors when starting up SUID or SGID processes, and
> if any are closed, will open them up again on /dev/null.  There was an
> egregious security bug exploiting that situation going the rounds a
> few months ago.  See
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02%3A23.s
> tdio.asc
> 
> However, that was fixed before 4.6-RELEASE.  Also I believe that it
> was never possible to attack sendmail that way because the first thing
> sendmail does when being started in daemon mode is to walk through
> it's filedescriptor table and close them all down.  The standard 0, 1,
> 2 descriptors are then immediately re-opened onto /dev/null. That's
> something that should be standard procedure for starting up any
> daemonized process and it is built into the daemon(3) function.

I'm sorry, I didn't mean for this message to go out.  I've solved the 
problem by upgrading netsaint.  Thank you for your reply.
-- 
Dan Langille
I'm looking for a computer job:
http://www.freebsddiary.org/dan_langille.php


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D94504D.7219.709D8853>