
Re: Making root run fetchmail as a user?



On Mon, 26 Mar 2001, Mark Devin wrote:
> I would like to make fetchmail run as a user rather than root when run
> via my /etc/ppp/ip-up.d/fetchmail-up script

You should consider the possibility of trying that using the fetchmail from
unstable. It is safer... (speaking as the maintainer for fetchmail).

> Make a home directory for user mail - /home/mail
> set the owner and group for this directory to "mail"
> chown mail /usr/bin/fetchmail
> chgrp mail /usr/bin/fetchmail
> chmod 4755 /usr/bin/fetchmail

There are much easier ways. The one that strikes me as good for root is to
run su mail /usr/bin/fetchmail

You can even have fetchmail as the default shell for user mail, and call su
mail -  I think.  man su will tell you more.

In most PAM configurations, root can su to another user without any sort of
authentication checks.

OR, you could simply have cron calling fetchmail for user mail...

> I wanted to do it this way 'cause I thought it would be more secure - ie
> less things running as root the better.  But I guess it's not possible to
> be cracked via fetchmail since it doesn't accept connections, it makes
> them itself.

I've never heard of anyone cracking fetchmail, but it is NOT crack-proof,
and I think there are some potential buffer overflows in the code (there
were in the past).

A hostile server could attack fetchmail. If fetchmail is running as root,
this _could_ lead to root compromise.

> Any ideas 'cause it would be useful to know how to do it anyway.

Do keep in mind that if you run fetchmail as user 'mail', it cannot change
uid to deliver mail as it would were it root. This does not make it
impossible to do what you want, it is just something you have to take into
account.

I'll play around with the idea and maybe even add something like that to
Debian's default fetchmail package. No promises, though.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
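
Added example, not part of the original message and not code from Debian's fetchmail package: a hypothetical /etc/ppp/ip-up.d/fetchmail-up that has root hand fetchmail to an unprivileged account through su instead of a setuid binary. The function names, the RUN_AS and FETCHMAIL variables, the use of PPP_IFACE as the trigger, and treating a set-id fetchmail as a misconfiguration are all assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the thread): a hypothetical
# /etc/ppp/ip-up.d/fetchmail-up that drops root before running fetchmail.
RUN_AS="${RUN_AS:-mail}"                    # account named in the thread
FETCHMAIL="${FETCHMAIL:-/usr/bin/fetchmail}"

# check_target USER: 0 if USER exists and is unprivileged,
# 2 if the account is missing, 3 if it resolves to uid 0.
check_target() {
    uid=$(id -u "$1" 2>/dev/null) || return 2
    [ "$uid" -ne 0 ] || return 3
}

# check_binary PATH: 3 if PATH carries a setuid/setgid bit, 2 if it is not
# executable, 0 otherwise. With su doing the identity switch a set-id
# fetchmail is unnecessary (assumption: treated here as a misconfiguration).
check_binary() {
    if [ -u "$1" ] || [ -g "$1" ]; then return 3; fi
    [ -x "$1" ] || return 2
}

# run_fetchmail USER PATH: run PATH as USER, never as root.
run_fetchmail() {
    check_target "$1" || { echo "refusing target '$1'" >&2; return 1; }
    check_binary "$2" || { echo "refusing binary '$2'" >&2; return 1; }
    if [ "$(id -u)" -eq 0 ]; then
        # root is not asked for a password by su in most PAM setups; -s
        # supplies a shell because system accounts often have none.
        su -s /bin/sh -c "$2" "$1"
    elif [ "$(id -un)" = "$1" ]; then
        "$2"                                # already the right user
    else
        echo "must be root or $1" >&2
        return 1
    fi
}

# Assumption: the ppp ip-up wrapper exports PPP_IFACE to its hook scripts,
# so the script only acts when it is invoked for a link coming up.
if [ -n "${PPP_IFACE:-}" ]; then
    run_fetchmail "$RUN_AS" "$FETCHMAIL"
fi
```

Because the process runs as the unprivileged account, it cannot change uid per recipient at delivery time, so local delivery has to be set up with that in mind.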
