Dear Gabor Kiss, first thanks for your bug report, it's definitly a bug in the init script although the security implications may only be serious when avamisd-new or amavisd-milter themselves expose a vulnerability as /etc/default/amavisd-milter is owned/writeable only by root and running the init script requires root privileges. Nonetheless this is an issue so I attached a patch which should solve it. Could you please save the attached patch to /tmp/ and apply it by issuing cd /; patch < /tmp/amavisd-milter_owner-fix.patch and afterwards tell me if this solved the problem?
Kind regards Harald Jenny
--- /etc/init.d/amavisd-milter 2010-05-12 23:01:42.000000000 +0200 +++ /etc/init.d/amavisd-milter_FIXED 2011-01-12 22:25:03.000000000 +0100 @@ -42,7 +42,7 @@ [ $EXTRAPARAMS ] && OPTIONS="$OPTIONS $EXTRAPARAMS" [ $PIDFILE ] && ([ -d $(dirname $PIDFILE) ] || mkdir $(dirname $PIDFILE) && chown $USER:$(id $USER -g -n) $(dirname $PIDFILE)) -[ $MILTERSOCKET ] && ([ -d $(dirname $MILTERSOCKET) ] || mkdir $(dirname $MILTERSOCKET) && chown $USER $(dirname $MILTERSOCKET)) +([ $MILTERSOCKET ] && [ "`echo $MILTERSOCKET | grep -v ^inet`" ]) && ([ -d $(dirname $MILTERSOCKET) ] || mkdir $(dirname $MILTERSOCKET) && chown $USER $(dirname $MILTERSOCKET)) START="--start --quiet --chuid $USER --pidfile $PIDFILE --startas $DAEMON --name $NAME -- $OPTIONS" STOP="--stop --quiet --retry 10 --pidfile $PIDFILE --startas $DAEMON --name $NAME" @@ -56,8 +56,8 @@ start-stop-daemon $START case "$?" in 0) log_end_msg 0 - [ $MILTERSOCKET ] && [ $MILTERSOCKETOWNER ] && chown $MILTERSOCKETOWNER $MILTERSOCKET - [ $MILTERSOCKET ] && [ $MILTERSOCKETMODE ] && chmod $MILTERSOCKETMODE $MILTERSOCKET ;; + [ $MILTERSOCKET ] && [ "`echo $MILTERSOCKET | grep -v ^inet`" ] && [ $MILTERSOCKETOWNER ] && chown $MILTERSOCKETOWNER $MILTERSOCKET + [ $MILTERSOCKET ] && [ "`echo $MILTERSOCKET | grep -v ^inet`" ] && [ $MILTERSOCKETMODE ] && chmod $MILTERSOCKETMODE $MILTERSOCKET ;; 1) log_progress_msg "already started" log_end_msg 0 ;; *) log_end_msg $? ;;
