ports/51680: security/cyrus-sasl?: Group readable file when sending locally
Scot W. Hetzel
hetzels at westbend.net
Tue May 6 00:40:17 UTC 2003
The following reply was made to PR ports/51680; it has been noted by GNATS.
From: "Scot W. Hetzel" <hetzels at westbend.net>
To: FreeBSD-gnats-submit at freebsd.org
Cc: ume at freebsd.org
Subject: Re: ports/51680: security/cyrus-sasl?: Group readable file when sending locally
Date: Mon, 5 May 2003 19:39:46 -0500 (CDT)
According to Greg Shapiro <gshapiro at gshapiro.net>, pine by default is
using SMTP, and therfore SMTP AUTH if compiled into sendmail. To disable
SMTP AUTH we need to define DAEMON_OPTIONS for the loopback interface.
Apply this patch to both cyrus-sasl ports.
Scot
Index: Sendmail.README
===================================================================
RCS file: /home/ncvs/ports/security/cyrus-sasl/files/Sendmail.README,v
retrieving revision 1.8
diff -u -r1.8 Sendmail.README
--- Sendmail.README 5 Oct 2002 19:38:18 -0000 1.8
+++ Sendmail.README 5 May 2003 23:01:08 -0000
@@ -41,6 +41,17 @@
dnl Use the following for Sendmail 8.10 - 8.11
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl
+5) Add the following before FEATURE(msp) in your sendmail 8.12 submit.mc file:
+
+ DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=EA')dnl
+
+ This disables SMTP AUTH on the loopback interface. Otherwise you may get
+ the following error in the log:
+
+ error: safesasl(/usr/local/etc/sasldb) failed: Group readable file
+
+ when sending mail locally (seen when using pine locally on same server).
+
----
Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4.
More information about the freebsd-ports-bugs
mailing list