ports/114945: [request] Protect mail/ssmtp configuration files
Ernst de Haan
znerd at FreeBSD.org
Thu Jul 26 15:20:02 UTC 2007
>Synopsis: [request] Protect mail/ssmtp configuration files
>Arrival-Date: Thu Jul 26 15:20:02 GMT 2007
>Originator: Ernst de Haan
>Release: FreeBSD 6.2-RELEASE-p6 amd64
System: FreeBSD andes.pensioenpage.com 6.2-RELEASE-p6 FreeBSD 6.2-RELEASE-p6 #2: Wed Jul 25 11:33:08 CEST 2007 root at andes.pensioenpage.com:/usr/obj/usr/src/sys/ANDES amd64
mail/ssmtp is a minimalistic tool that allows sending of e-mail from the host it is installed on, using the SMTP services provided by another host.
The following would -in my opinion- be a normal situation:
1. the SMTP service requires SSL;
2. the SMTP service requires authentication;
3. the authentication details are considered confidential.
This is hard to accomplish with the current mail/ssmtp port, since the /usr/local/etc/ssmtp.conf file is world-readable. This is required, since the ssmtp binary runs as the current user.
Hereby I request a solution is implemented for this. I propose the following:
1. During installation, add a user 'ssmtp' with no home directory, password and shell
2. Protect the /usr/local/etc/ssmtp/ directory by setting owner=ssmtp, group=wheel and permissions=rwxr-x---, so outside wheel nobody can read the files.
3. Make the 'ssmtp' executable owned by the user 'ssmtp' and mark it SUID.
More information about the freebsd-ports-bugs