Hello, the file /etc/amavisd.conf has bad right. If you use amavisd-new is compiled with mysql or postgresql this file shouldn't be other readable, they are sensitive informations in this file. Maybe could be chown root:amavis amavisd.conf && chmod 540 amavisd.conf Also, this is possible that other importante file of amavis are readable or exectuble by all Regards Reproducible: Always Steps to Reproduce: 1. 2. 3. Actual Results: /etc/amavisd.conf readable by all Expected Results: /etc/amavisd.conf shouldn't be readable by all How to configure amavisd-new with mysql : @lookup_sql_dsn = ( ['DBI:mysql:maildb:host1', 'mail', 'very_secret_password'] ); (For clarity uncomment the default) $sql_select_policy = 'SELECT *,users.id FROM users,policy'. ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'. ' ORDER BY users.priority DESC'; (If you want sender white/blacklisting) $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'. ' WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id)'. ' AND (mailaddr.email IN (%k))'. ' ORDER BY mailaddr.priority DESC';
Just in case you need net-mail advise, setting sane permissions on /etc/amavisd.conf shouldn't cause any problems. I don't know of other apps that need access to that file Cheers, Ferdy
Thx Ferdy, I don't need advise (this time), I need an updated ebuild:-)
Ok, 2.2.1-r2 (latest stable on multiple arches) has been committed to fix this - 0640 permissions are now being used for /etc/amavisd.conf, which is being owned by root:amavis. I didn't bump unstable version (2.3.0), just modified it.
Thx everyone, this is ready for GLSA decision. I vote for NO GLSA.
A message to warn sysadmin could be good, no need of GLSA i think
Right, as portage doesn't change the permissions of an existing file in /etc, we need to tell the admin to do it himself. Too bad.
ewarn message added to both 2.2.1-r2 and 2.3.0.
Adding Marius so he can comment.
Well, you could change it in pkg_postinst. Just be minimal invaise there (so prefer `chmod o-rwx` over `chmod 640`), otherwise people might get pissed that you're grant permissions instead of removing them (in case they did a chmod 600 for example).
Thx Marius. Ticho I believe this should be added as well, back to ebuild status.
Ok, committed. Thanks, Marius.
Thx Thico. Back to glsa? One NO vote so far.
NO from me as well.
Sorry only Security Team members vote count officially. So please vote.
Voting NO and closing.
