Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 18 Nov 1996 08:30:43 +0100
From:      Poul-Henning Kamp <phk@critter.tfs.com>
To:        Michael Smith <msmith@atrad.adelaide.edu.au>
Cc:        imp@village.org (Warner Losh), newton@communica.com.au, batie@agora.rdrop.com, adam@homeport.org, pgiffuni@fps.biblos.unal.edu.co, freebsd-security@FreeBSD.org
Subject:   Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). 
Message-ID:  <9172.848302243@critter.tfs.com>
In-Reply-To: Your message of "Mon, 18 Nov 1996 14:05:04 %2B1030." <199611180335.OAA17231@genesis.atrad.adelaide.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <199611180335.OAA17231@genesis.atrad.adelaide.edu.au>, Michael Smith
 writes:
>Warner Losh stands accused of saying:
>> 
>> I don't buy this.  You need to be able to create a mailbox of an
>> arbitrary user, and then write to that mailbox with that user's uid,
>> or to a shell of that user's uid.  To do otherwise would introduce
>> other security problems, some of which have been beat to death in the
>> freebsd lists.
>> 
>> What am I missing?
>
>mail.local.
>
>Mark's sense of warmth is perhaps slightly over-smug, but his point is
>valid.  In fact, if it were possible to be non-root and bind to port 25,
>then sendmail could be run non-root in daemon mode and not be called from
>cron (which Mark omitted to mention).

What we REALLY need, is a way for root, to hand out certain priviledges.

Imagine this:

	sysctl -w net.inet.tcp.uidforport.25=`id -ur smtp`
	sysctl -w net.inet.tcp.uidforport.20=`id -ur ftp`
	sysctl -w net.inet.tcp.uidforport.21=`id -ur ftp`
	sysctl -w net.inet.tcp.uidforport.119=`id -ur nntp`

This means that users with UID smtp can bind to socket 25 (aka smtp),
and so on.  Now sendmail NEVER needs to be root.

How's that for security ?

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9172.848302243>