[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#841257: sendmail: Privilege escalation from group smmsp to (user) root



Hmm (again) ... Maybe file /usr/share/sendmail/sendmail needs updating
also? It is almost identical to /etc/init.d/sendmail, and in file
/etc/cron.daily/sendmail I notice the lines:

...
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MSP queues.
*/20 *    *    *    *		smmsp	test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-msp
#
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MTA queues.
# Will also run MSP queues if enabled
#*/10 *    *    *    *		root	test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-mta
...

Maybe no problem as long as that second line is commented out.

I wonder about the first line (whether it is needed), seeing how my
machines always have a process like:

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
smmsp     2880  0.0  0.0  11956  3236 ?        Ss   Oct11   0:00 sendmail: Queue runner@00:10:00 for /var/spool/mqueue-client

running.

Cheers, Paul

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


Reply to: