Bug#684679: RFS: nullmailer/1:1.11-2 (security bugfix upload request)
Hi Nick,
On Tue, Aug 21, 2012 at 09:29:28AM +0100, Nick Leverton wrote:
> Thanks also Bart for reminding me of the other approach.
My pleasure.
> (sorry I am
> a bit distracted by home things at the moment).
No problem at all.
> diff -Nru nullmailer-1.11/debian/postinst nullmailer-1.11/debian/postinst
> --- nullmailer-1.11/debian/postinst 2012-05-16 08:25:36.000000000 +0100
> +++ nullmailer-1.11/debian/postinst 2012-08-21 09:07:21.000000000 +0100
> @@ -24,6 +24,15 @@
> fi
>
> db_get nullmailer/relayhost
> + # securely create nullmailer/remotes with mode 0600
> + if [ ! -e /etc/nullmailer/remotes ]
> + then
> + M=$( umask )
> + umask 077
> + > /etc/nullmailer/remotes
> + chown mail:mail /etc/nullmailer/remotes
> + umask $M
> + fi
> echo "$RET" | sed -r -e ':a s/(\[[^]:]*):/\1=/; ta' \
> -e 's/[[:space:]]*:[[:space:]]*/\n/g' \
> -e ':b s/(\[[^]=]*)=/\1:/; tb' \
What if the file already exists : No chmod and no chown needed then ?
Regards,
Bart Martens
Reply to: