On 11 Feb 2012, at 12:45, Jerry wrote:

> On Sat, 11 Feb 2012 12:16:59 -0500
> Jorge Luis Gonzalez articulated:
>
>> Even though I installed from ports (twice), at some point I overwrote
>> mailwrapper, probably with the sendmail binary.
>
> That is what is so scary. There is no way you could accidentally do
> that.

+1 with some data:
Across 42 instances that I administer of FreeBSD of the full 6.3-8.2
version range, including 32 and 64 bit, VMWare, Xen, jails, and bare
metal with varied histories and purposes and a mix of current and past
mail subsystems (including switching back and forth in some cases) (yes,
it's a mess, I know, I'm working on it...) I see none with a symlink for
/usr/sbin/mailwrapper and identical checksums for all versions of that
binary file from each unique release+platform tuple, i.e. for systems
with matching 'uname -rp' output, the mailwrapper binaries match.
Shorter: in a messy environment where one might expect to see obscure
installation errors crop up with Postfix, I've never seen this.
That makes it a *scary* event because there is a history of unix
rootkits hiding themselves by inserting themselves into
backward-compatibility mechanisms like the one used for mail programs on
FreeBSD. When the linkage of such a mechanism is damaged in a way that
would work in some cases and would not stand out as wrong for most
admins, you have to start considering the possibility of a subtle and
sophisticated compromise.

> The port will modify the wrapper if you give it permission to do
> so; however, it will not do what you apparently accomplished. I am
> wondering if you did not give the port permission to overwrite the
> mailwrapper.

Uh, whut?
I could be misunderstanding you, but I think that's wrong. The
pkg-install script asks to modify mailer.conf but it does not modify
mailwrapper itself.
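
The fleet comparison described in the message above (no symlink at /usr/sbin/mailwrapper, one checksum per 'uname -rp' tuple), as an added example that is not part of the original thread. The record format, function names, hostnames and checksums are constructed for illustration.

```shell
# Added example, not from the thread. Record format and sample data are constructed.

# Print "<uname -rp>|<kind>|<sha256>" for a path (normally /usr/sbin/mailwrapper).
# kind is symlink, file or missing; a symlink is reported, never hashed through.
fingerprint() {
    path=$1; sum=-
    if [ -L "$path" ]; then
        kind=symlink
    elif [ -f "$path" ]; then
        kind=file
        if command -v sha256 >/dev/null 2>&1; then
            sum=$(sha256 -q "$path")                  # FreeBSD base system
        else
            sum=$(sha256sum "$path" | cut -d' ' -f1)  # GNU coreutils
        fi
    else
        kind=missing
    fi
    printf '%s|%s|%s\n' "$(uname -rp)" "$kind" "$sum"
}

# Read "host|uname -rp|kind|sha256" records on stdin and print hosts where
# mailwrapper is not a regular file, or where its checksum differs from the
# majority for the same tuple (on an exact tie, awk's iteration order decides).
audit() {
    awk -F'|' '
        $3 != "file" { print $1 ": mailwrapper is " $3; next }
        { n[$2, $4]++; host[NR] = $1; tup[NR] = $2; sum[NR] = $4 }
        END {
            for (k in n) {
                split(k, p, SUBSEP)
                if (n[k] > best[p[1]]) { best[p[1]] = n[k]; want[p[1]] = p[2] }
            }
            for (i = 1; i <= NR; i++)
                if ((i in host) && sum[i] != want[tup[i]])
                    print host[i] ": checksum differs from other " tup[i] " hosts"
        }'
}

# Constructed records: hostnames and shortened checksums are placeholders.
sample_records() {
    printf '%s\n' \
        'web1|8.2-RELEASE amd64|file|aaaa' \
        'web2|8.2-RELEASE amd64|file|aaaa' \
        'web3|8.2-RELEASE amd64|file|bbbb' \
        'mx1|6.3-RELEASE i386|file|cccc' \
        'mx2|7.4-RELEASE i386|symlink|-'
}
sample_records | audit
```

Run `fingerprint /usr/sbin/mailwrapper` on each host, prefix each line with the hostname, and feed the collected records to `audit`.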