Bug 91426 - mail-filter/amavisd-new insecure file permission
|
Bug#:
91426
|
Product: Gentoo Security
|
Version: unspecified
|
Platform: All
|
|
OS/Version: Linux
|
Status: RESOLVED
|
Severity: normal
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: security@gentoo.org
|
Reported By: zataz@zataz.net
|
|
Component: Vulnerabilities
|
|
|
URL:
|
|
Summary: mail-filter/amavisd-new insecure file permission
|
|
Keywords:
|
|
Status Whiteboard: B4 [noglsa] jaervosz
|
|
Opened: 2005-05-04 06:23 0000
|
Hello,
the file /etc/amavisd.conf has bad right.
If you use amavisd-new is compiled with mysql or postgresql this file shouldn't be other readable, they are sensitive informations in this file.
Maybe could be chown root:amavis amavisd.conf && chmod 540 amavisd.conf
Also, this is possible that other importante file of amavis are readable or exectuble by all
Regards
Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Actual Results:
/etc/amavisd.conf readable by all
Expected Results:
/etc/amavisd.conf shouldn't be readable by all
How to configure amavisd-new with mysql :
@lookup_sql_dsn =
( ['DBI:mysql:maildb:host1', 'mail', 'very_secret_password'] );
(For clarity uncomment the default)
$sql_select_policy = 'SELECT *,users.id FROM users,policy'.
' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'.
' ORDER BY users.priority DESC';
(If you want sender white/blacklisting)
$sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'.
' WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id)'.
' AND (mailaddr.email IN (%k))'.
' ORDER BY mailaddr.priority DESC';
Just in case you need net-mail advise, setting sane permissions on
/etc/amavisd.conf shouldn't cause any problems. I don't know of other apps that
need access to that file
Cheers,
Ferdy
Thx Ferdy, I don't need advise (this time), I need an updated ebuild:-)
Ok, 2.2.1-r2 (latest stable on multiple arches) has been committed to fix this
- 0640 permissions are now being used for /etc/amavisd.conf, which is being
owned by root:amavis.
I didn't bump unstable version (2.3.0), just modified it.
Thx everyone, this is ready for GLSA decision.
I vote for NO GLSA.
A message to warn sysadmin could be good, no need of GLSA i think
Right, as portage doesn't change the permissions of an existing file in /etc,
we need to tell the admin to do it himself. Too bad.
ewarn message added to both 2.2.1-r2 and 2.3.0.
Adding Marius so he can comment.
Well, you could change it in pkg_postinst. Just be minimal invaise there (so
prefer `chmod o-rwx` over `chmod 640`), otherwise people might get pissed that
you're grant permissions instead of removing them (in case they did a chmod 600
for example).
Thx Marius.
Ticho I believe this should be added as well, back to ebuild status.
Ok, committed. Thanks, Marius.
Thx Thico.
Back to glsa? One NO vote so far.
Sorry only Security Team members vote count officially. So please vote.
