mail.local vs. Smail3
Hello all,

I just finished refereeing a fight between OpenBSD's mail.local(8) and the
Smail3 MTA (drop-in replacement for sendmail with human-readable configs).
There is definitely a trade-off between security and functionality here...

The issue was delivery to a local mailbox after aliases and forwarding are
resolved. Smail pipes the message to mail.local(8) but mail.local fails
because it wants to be invoked as root (it compares geteuid() against 0)
as soon as it starts. Since Smail runs as root (same as sendmail), it's no
problem telling it to invoke mail.local as root (as soon as I figured out
which variable to set where...).

I would like to make changes to the way OpenBSD delivers and stores mail.
It's silly and needlessly paranoid to insist that mail.local run as root.
Instead, the files in the mail spool directory (/var/mail/<user>) should
have gid=mail and run mail.local with gid mail and uid nobody (as Smail
prefers).

The way to do this is to patch mail.local to first check gid against the
mail gid (if so, /var/mail is gid=mail) or revert to the must-run-as-root
behaviour.

I can take a shot at coding the patch, but first I'd like the group's
opinion on this change.

Thanks
--Louis

Louis Bertrand, Bowmanville, ON, Canada
<louis@signalpath.on.ca>
OpenBSD: Security matters <www.OpenBSD.org>