ports/80842: spamd does not properly drop root privs
Charles Sprickman
spork at bway.net
Tue May 10 02:00:24 UTC 2005
>Number: 80842
>Category: ports
>Synopsis: spamd does not properly drop root privs
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue May 10 02:00:23 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Charles Sprickman
>Release: 4.11
>Organization:
Bway.net
>Environment:
FreeBSD spamd3.bway.net 4.11-RELEASE-p4 FreeBSD 4.11-RELEASE-p4 #0: Sat Apr 23 23:46:47 EDT 2005 spork at spamd3.bway.net:/usr/obj/usr/src/sys/SPAMD i386
>Description:
Spamd has been partially patched in the port to try and spawn all children as the "spamd" user, but it does not seem to work. Perl 5.6.2 from ports here. Tried 5.8, but it was a bit bulky and caused spamd to barf on some unicode stuff.
>How-To-Repeat:
Run stock spamd config, watch children spawn as root.
>Fix:
There is another patch referenced in this bugzilla entry:
http://bugzilla.spamassassin.org/show_bug.cgi?id=3897
which is here:
http://bugzilla.spamassassin.org/show_bug.cgi?id=3900
And this patch: http://bugzilla.spamassassin.org/attachment.cgi?id=2454
applies clean and has fixed it for me so far (24 hours or so).
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list