ports/115957: Questionable ownership and security on dspam port
Internet Partners, Inc. Tech Support
support at ipinc.net
Fri Aug 31 22:00:07 UTC 2007
The following reply was made to PR ports/115957; it has been noted by GNATS.
From: "Internet Partners, Inc. Tech Support" <support at ipinc.net>
To: <bug-followup at FreeBSD.org>
Cc:
Subject: Re: ports/115957: Questionable ownership and security on dspam port
Date: Fri, 31 Aug 2007 14:19:20 -0700
send-pr ate the first part of this PR so here's the rest:
The Dspam port in /usr/ports/mail/dspam by default installs with the
following options:
DSPAM_HOME_OWNER=root
DSPAM_HOME_OWNER=mail
It also sets up the webUI to run suexec.
THe problem here is that under Apache 1.3 the suexec header has a minimum
UID and GIU in it's header of 100
This makes it impossible to run the dspam webUI. If you try running the
webUI
under a dspam user above 100, then it can't read /var/db/dspam/data
directories.
If you try running the webUI under a GID of mail, suexec won't allow it to
run.
The ideal thing from a security standpoint would be for the dspam port to
install with DSPAM_HOME_OWNER and DSPAM_HOME_OWNER both set to username
dspam, and have the port create that UID and GID on the system. That is how
the port USED to work. I don't know why the maintainer changed it.
If for some reason dspam must run with root UID in order to work with mail,
then the port should check the minimum GID in suexec with a test program,
and
issue an error to the admin to recompile suexec with a minimum GID of 5,
then
the apache entry for the port then runs the dspam vhost web UI under the
mail group.
More information about the freebsd-ports-bugs
mailing list