Re: sendmail and suidness (or lack thereof)

To: Richard A Nelson <cowboy@vnet.ibm.com>, <debian-devel@lists.debian.org>
Subject: Re: sendmail and suidness (or lack thereof)
From: Russell Coker <russell@coker.com.au>
Date: Thu, 5 Apr 2001 01:00:33 +1000
Message-id: <[🔎] 0104050100330G.12361@lyta>
Reply-to: Russell Coker <russell@coker.com.au>
In-reply-to: <[🔎] Pine.LNX.4.33.0104032302040.14923-100000@back40>
References: <[🔎] Pine.LNX.4.33.0104032302040.14923-100000@back40>

On Wednesday 04 April 2001 13:27, Richard A Nelson wrote:
> I'm considering a change in the sendmail package to increase security -
> this change may also windup being the default in later sendmail
> distributions.
>
> I'd appreciate comments (other than MTA flamewars please).  I'll try
> be both succinct, and yet provide enough information - a hard row to
> hoe...
>
> The change is based upon the reasons sendmail has for root:
>   * bind to port 25 (could be done via authbind)

Also can be done by inetd as I did in ~1995.

>   * calls to LDA (procmail, etc) that aren't suid root - no alternative

You can tell sendmail to only use /var/spool/mail and make it group writable 
by group "mail".

>   * read user's .forward - no alternative

.forward can be world-readable and the user's home directory can be mode 711.

> sm-mta would not be in the search order, not suid, not be world
> readable/executable... owned and executed by root via todays
> /etc/init.d/sendmail.  It'd bind to port 25 and handle passing of mail
> onto LDAs.

Why not have it run from inetd as some other user?

> It'd be rare that sm-mta didn't accept the message (and it'd be queued),
> but none the less, there'd be need of either a cronjob, or an instance
> of sm-msp to periodically dump the new queue to ms-mta.

For mail relay machines and for processing .forward files which deliver to 
outside machines you need to have "sendmail -q" run from cron.  Also your 
cron job has to make sure that you don't have two copies running at the same 
time because things go bad then.

> I'm implimenting this on my boxen for testing, and would welcome other
> ideas, questions & complaints (again, pissing contests will be deleted
> post haste).

See my web page http://www.coker.com.au/~russell/sendmail.html .  You seem to 
have covered most things that my web page covered, but you might find 
something of use.
Incidentally this is the most popular of my web pages.  I have been 
consistantly getting a minimum of 100 hits per week for 5 years.

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

Reply to:

Follow-Ups:
- Re: sendmail and suidness (or lack thereof)
  - From: Richard A Nelson <cowboy@vnet.ibm.com>

References:
- sendmail and suidness (or lack thereof)
  - From: Richard A Nelson <cowboy@vnet.ibm.com>

Prev by Date: Re: devfsd
Next by Date: Packages in main depending on contrib|nonfree (was: scripts on pandora)
Previous by thread: Re: sendmail and suidness (or lack thereof)
Next by thread: Re: sendmail and suidness (or lack thereof)
Index(es):
- Date
- Thread