http://www.hughes-family.org/bugzilla/show_bug.cgi?id=119
Summary: spamd paranoid mode behavior
Product: Spamassassin
Version: 2.11
Platform: PC
OS/Version: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: spamc/spamd
AssignedTo: [EMAIL PROTECTED]
ReportedBy: [EMAIL PROTECTED]
I started looking at spamd's behavior when running in paranoid mode (-P)
and found that it's possible it will continue running as root under
certain circumstances. I'm not 100% sure what the intended behavior is
when running spamd with -P but in my interpretation, it should view
running with a uid of 0 as an error and exit.
There could be many fixes for this but like I say, I'm not sure what the
intended behavior is. My patch does the following:
after handle_user() (assuming that spamd is not run with -u):
    if uid is still 0
        if running with -P
            die
        try setuid to 'nobody'
        if that fails
            die
    now proceed with processing email as either the uid of
    the person running spamc or as 'nobody' ...
previous behavior was:
    if uid is still 0 and running with -P
        log a message
    else if uid is still 0
        setuid to nobody
        if that failed
            die
    go on processing (possibly as root) ...
There is also a bug in handle_user() that could cause processing to
continue even if the setuid() failed.
.joel
--- spamd/spamd.raw.orig Fri Mar 22 17:23:57 2002
+++ spamd/spamd.raw Fri Mar 22 22:53:12 2002
@@ -275,17 +275,20 @@
}
}
- if ($spamtest->{paranoid} && $setuid_to_user && $> == 0)
- {
- logmsg "PARANOID: Still running as root, close connection.";
- }
- elsif ( $setuid_to_user && $> == 0 )
- {
+ if ( $setuid_to_user && $> == 0 )
+ {
+ if ($spamtest->{paranoid}) {
+ logmsg "PARANOID: still running as root, closing connection.";
+ die;
+ }
logmsg "Still running as root: user not specified, ".
"not found, or set to root. Fall back to nobody.";
my $uid = getpwnam('nobody');
- if (!defined $uid) { die "no UID for nobody"; }
- $> = $uid;
+ $> = $uid;
+ if ( !defined($uid) || $> != $uid ) {
+ logmsg "fatal: setuid to nobody failed";
+ die;
+ }
}
my $resp = "EX_OK";
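Review bot: the defined check comes one statement too late in this hunk: `$> = $uid;` runs before `if ( !defined($uid) || $> != $uid )`, so when getpwnam('nobody') returns nothing the code first assigns undef to $>, which Perl numifies to 0 (root, with an uninitialized-value warning), and only then dies. Test definedness before touching $>, e.g. `if (!defined $uid) { logmsg "fatal: no UID for nobody"; die; }` and then `$> = $uid;` followed by the `$> != $uid` comparison. Both new `die;` calls also carry no message, so the reason for closing the connection survives only in the preceding logmsg; passing the same text to die keeps it in the exception as well.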
@@ -382,17 +385,20 @@
}
}
- if ($spamtest->{paranoid} && $setuid_to_user && $> == 0)
- {
- logmsg "PARANOID: Still running as root, close connection.";
- }
- elsif ( $setuid_to_user && $> == 0 )
+ if ( $setuid_to_user && $> == 0 )
{
+ if ($spamtest->{paranoid}) {
+ logmsg "PARANOID: still running as root, closing connection.";
+ die;
+ }
logmsg "Still running as root: user not specified, ".
"not found, or set to root. Fall back to nobody.";
my $uid = getpwnam('nobody');
- if (!defined $uid) { die "no UID for nobody"; }
- $> = $uid;
+ $> = $uid;
+ if ( !defined($uid) || $> != $uid ) {
+ logmsg "fatal: setuid to nobody failed";
+ die;
+ }
}
my $resp = "EX_OK";
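Review bot: this hunk is a verbatim copy of the one at line 275, the same paranoid check, nobody fallback and failure test in both places, and the two copies already differ cosmetically (this one leaves the `{` line untouched while the first rewrites it). Move the shared block into a helper next to handle_user(), say `fall_back_to_nobody($spamtest)`, and call it from both connection paths, so that a later fix to the fallback cannot land in one copy and miss the other.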
@@ -507,8 +513,8 @@
if ($setuid_to_user) {
$> = $uid;
- if ($> != $uid) {
- logmsg "setuid to $uid failed";
+ if ( !defined($uid) || $> != $uid ) {
+ logmsg "fatal: setuid to $username failed";
die; # make it fatal to avoid security breaches
}
}
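Review bot: adding `!defined($uid)` here changes what happens for an unknown user rather than only hardening the setuid check. Before this hunk an undefined $uid left $> at 0 (`$> = $uid` with undef is a no-op for root) and `$> != $uid` was false, so handle_user() returned and the callers' "user not specified, not found, or set to root" branch fell back to nobody. With this hunk the not-found case dies inside handle_user() before that fallback is reached, and the callers' "not found" wording becomes dead. If that is intended, say so in the patch description and trim the callers' message; if not, return early when $uid is undefined and leave the decision to the callers. Separately, `$> = $uid` changes only the effective uid; with the real uid still 0 the process can later do `$> = 0` again, so if this path runs in a per-connection child that never needs root back, setting `$<` as well (or calling POSIX::setuid) would make the drop permanent.

The procedure described in the report (die under -P when still uid 0, otherwise fall back to 'nobody', and treat a failed setuid as fatal) written out as a stand-alone Perl script. This is an added example, not spamd's code or the reporter's patch. It goes one step beyond the patch: it checks the looked-up uid before assigning it, drops the real and saved uid with setuid(2) rather than only the effective uid, and then verifies that root cannot be regained. Its function names and its -P/username command-line arguments are assumptions made for the example.

```perl
#!/usr/bin/perl
# Added example, not spamd code. Implements the decision procedure from the
# report (refuse to keep running as uid 0 in paranoid mode, otherwise fall
# back to 'nobody', any failed setuid is fatal) and goes one step further:
# the drop uses setuid(2), which as root replaces the real, effective and
# saved uid, and then checks that root cannot be regained. All names here
# (lookup_unprivileged_uid, choose_target, drop_privileges, the -P and
# username arguments) are hypothetical.
use strict;
use warnings;
use POSIX ();

# Resolve $user to (uid, gid). getpwnam() returns an empty list for an
# unknown user, so $uid comes back undef. Check that *before* touching $>:
# "$> = undef" numifies to 0, i.e. silently keeps the process as root.
sub lookup_unprivileged_uid {
    my ($user) = @_;
    my ($uid, $gid) = (getpwnam($user))[2, 3];
    return () unless defined $uid;      # caller decides whether this is fatal
    return ($uid, $gid);
}

# Pick the account to run as. A requested user that resolves to a non-root
# uid wins. Otherwise: paranoid mode dies, normal mode falls back to 'nobody'
# and dies if that is unusable too.
sub choose_target {
    my ($user, $paranoid) = @_;
    my ($uid, $gid);
    ($uid, $gid) = lookup_unprivileged_uid($user) if defined $user;
    return ($uid, $gid, $user) if defined $uid && $uid != 0;

    my $why = defined $user ? "user '$user' unknown or uid 0" : "no user given";
    die "PARANOID: would still be running as root ($why), closing connection\n"
        if $paranoid;

    ($uid, $gid) = lookup_unprivileged_uid('nobody');
    die "fatal: no usable uid for nobody\n" unless defined $uid && $uid != 0;
    return ($uid, $gid, 'nobody');
}

# Drop to ($uid, $gid) permanently. Groups first (setgroups/setgid need
# root), then setuid(2). Assigning only $> (seteuid) leaves the real and
# saved uid at 0, and a later "$> = 0" would put the process back to root.
sub drop_privileges {
    my ($uid, $gid) = @_;
    $) = "$gid $gid";                        # egid plus supplementary list
    POSIX::setgid($gid) or die "setgid($gid) failed: $!\n";
    POSIX::setuid($uid) or die "setuid($uid) failed: $!\n";

    # Read back every id and make sure the drop cannot be reversed.
    die "uid drop incomplete: real $< effective $>\n"
        unless $< == $uid && $> == $uid;
    $> = 0;                                  # seteuid(0); failure is silent
    die "privilege drop is reversible: euid is 0 again\n" if $> == 0;
    return 1;
}

# Usage (as root): perl drop.pl [-P] [username]
my $paranoid  = (@ARGV && $ARGV[0] eq '-P') ? shift @ARGV : 0;
my $requested = shift @ARGV;                 # undef: no user requested
my ($uid, $gid, $name) = choose_target($requested, $paranoid);

if ($> != 0) {
    print "not root (euid $>): would drop to $name (uid $uid, gid $gid)\n";
} else {
    drop_privileges($uid, $gid);
    my ($rgid) = split ' ', $(;
    print "now running as $name: uid=$< euid=$> gid=$rgid\n";
}
```

Run without arguments as root it ends up as nobody; with -P and no usable user it dies before any mail is touched, which is the interpretation of paranoid mode the report argues for. The final `$> = 0` probe is the check that distinguishes an effective-only drop (seteuid, as in the patched spamd code) from a permanent one: after setuid(2) the probe fails and $> stays non-zero.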
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk