
Bug 396201

Summary: net-mail/dovecot-2.0.16 dovecot-lda should not be suid
Product: Gentoo Linux
Reporter: Francesco Riosa <vivo75>
Component: [OLD] Server
Assignee: Eray Aslan <eras>
Status: RESOLVED INVALID
Severity: normal
CC: net-mail+disabled
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux

Description Francesco Riosa 2011-12-27 13:33:00 UTC
/usr/libexec/dovecot/deliver, which is a symlink to /usr/libexec/dovecot/dovecot-lda, is suid.

This conflicts with the need of postfix (for example) to run it under its own user; a master.cf excerpt follows:

dovecot-lda   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${domain}

Suggestion:
Control the flags of this executable with a USE flag.

Comment 1 Francesco Riosa 2011-12-27 13:35:25 UTC
Forgot to mention, I'm quite sure this changed with 2.0.16, breaking existing installations.

Comment 2 Eray Aslan gentoo-dev 2011-12-27 15:19:48 UTC
Turn off suid USE flag if you do not want a suid dovecot-lda.

Comment 3 Francesco Riosa 2011-12-27 15:32:56 UTC
Sorry for the noise, I've totally missed the USE flag.