Bug#841257: sendmail: Privilege escalation from group smmsp to (user) root
Hmm (again) ... Maybe file /usr/share/sendmail/sendmail needs updating
also? It is almost identical to /etc/init.d/sendmail, and in file
/etc/cron.daily/sendmail I notice the lines:
...
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MSP queues.
*/20 * * * * smmsp test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-msp
#
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MTA queues.
# Will also run MSP queues if enabled
#*/10 * * * * root test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-mta
...
Maybe no problem as long as that second line is commented out.
I wonder about the first line (whether it is needed), seeing how my
machines always have a process like:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
smmsp 2880 0.0 0.0 11956 3236 ? Ss Oct11 0:00 sendmail: Queue runner@00:10:00 for /var/spool/mqueue-client
running.
Cheers, Paul
Paul Szabo psz@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
Reply to: