Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 396201 - net-mail/dovecot-2.0.16 dovecot-lda should no be suid
Summary: net-mail/dovecot-2.0.16 dovecot-lda should no be suid
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Eray Aslan
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-27 13:33 UTC by Francesco Riosa
Modified: 2011-12-27 15:32 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Francesco Riosa 2011-12-27 13:33:00 UTC 
/usr/libexec/dovecot/deliver which is a symlynk to /usr/libexec/dovecot/dovecot-lda is suid.

This conflict with the need of postfix (for example) to run it under it's own user, follow a master.cf exerpt:

dovecot-lda   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${domain}

suggestion:
Control the flags of this executable with an USE flag.
Comment 1 Francesco Riosa 2011-12-27 13:35:25 UTC 
forgot to mention, I'm quite sure this changed with 2.0.16, breaking existing installations.
Comment 2 Eray Aslan gentoo-dev 2011-12-27 15:19:48 UTC 
Turn off suid USE flag if you do not want a suid dovecot-lda.
Comment 3 Francesco Riosa 2011-12-27 15:32:56 UTC 
sorry for the noise, I've totally missed the use flag