Bug 140141 - mail-mta/qmail password stored in /var/qmail/control/smtproutes is stored in cleartext and the file is world-readable
Summary: mail-mta/qmail password stored in /var/qmail/control/smtproutes is stored in cleartext and the file is world-readable
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-12 11:05 UTC by Burak Arslan
Modified: 2007-04-03 23:27 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Description Burak Arslan 2006-07-12 11:05:12 UTC
warehouse mp3 # emerge --info
Portage 2.0.54-r2 (default-linux/x86/no-nptl/2.4, gcc-3.3.6, glibc-2.3.6-r3, 2.6.16-gentoo-r7 i686)
=================================================================
System uname: 2.6.16-gentoo-r7 i686 Intel(R) Pentium(R) 4 CPU 3.00GHz
Gentoo Base System version 1.6.14
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
dev-lang/python:     2.3.5-r2, 2.4.2
dev-python/pycrypto: [Not Present]
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/gcc-config: 1.3.13-r2
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE=""
ADA_INCLUDE_PATH="/usr/lib/ada/adainclude/gtkada"
ADA_OBJECTS_PATH="/usr/lib/ada/adalib/gtkada"
ALSA_cards="hda-intel"
ANT_HOME="/usr/share/ant-core"
ARCH="x86"
AUTOCLEAN="yes"
BASH_ENV="/etc/spork/is/not/valid/profile.env"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O3 -march=pentium4 -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CLASSPATH="."
CLEAN_DELAY="5"
COLORTERM=""
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/alias /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CVSROOT="/data/docs/src/cvs"
CVS_RSH="ssh"
CXXFLAGS="-O3 -march=pentium4 -fomit-frame-pointer -pipe"
DCCC_PATH="/usr/lib/distcc/bin"
DESKTOP_SESSION="kde-3.5"
DISPLAY=":0"
DISTCC_LOG=""
DISTCC_VERBOSE="0"
DISTDIR="/usr/portage/distfiles"
DM_CONTROL="/var/run/xdmctl"
EDITOR="/bin/nano"
ELIBC="glibc"
EMERGE_WARNING_DELAY="10"
FEATURES="autoconfig distlocks sandbox sfperms strict"
FETCHCOMMAND="/usr/bin/wget -t 5 --passive-ftp -P ${DISTDIR} ${URI}"
GCC_SPECS=""
GDK_USE_XFT="1"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
GPS_DOC_PATH="/usr/share/doc/gps-bin-1.4.0/html"
GS_LIB="/home/plq/.fonts"
GTK2_RC_FILES="/etc/gtk-2.0/gtkrc:/home/plq/.gtkrc-2.0:/home/plq/.kde3.5/share/config/gtkrc-2.0"
GTK_RC_FILES="/etc/gtk/gtkrc:/home/plq/.gtkrc:/home/plq/.kde3.5/share/config/gtkrc"
G_BROKEN_FILENAMES="1"
HOME="/root"
HOSTNAME="warehouse"
INFODIR="/usr/athena/info"
INFOPATH="/usr/share/info:/usr/share/binutils-data/i686-pc-linux-gnu/2.16.1/info:/usr/share/gcc-data/i686-pc-linux-gnu/3.3.6/info:/usr/share/info/emacs-21"
JAVAC="/opt/blackdown-jdk-1.4.2.03/bin/javac"
JAVA_HOME="/opt/blackdown-jdk-1.4.2.03"
JDK_HOME="/opt/blackdown-jdk-1.4.2.03"
KDEDIRS="/usr"
KDE_FULL_SESSION="true"
KDE_MULTIHEAD="false"
KERNEL="linux"
KONSOLE_DCOP="DCOPRef(konsole-10511,konsole)"
KONSOLE_DCOP_SESSION="DCOPRef(konsole-10511,session-3)"
LANG="en_US.utf8"
LANGUAGE="en_US.utf8"
LC_ALL="en_US.utf8"
LESS="-R -M --shift 5"
LESSOPEN="|lesspipe.sh %s"
LOGNAME="root"
MAKEOPTS="-j4"
MANDIR="/usr/athena/man"
MANPATH="/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/i686-pc-linux-gnu/2.16.1/man:/usr/share/gcc-data/i686-pc-linux-gnu/3.3.6/man::/opt/blackdown-jdk-1.4.2.03/man:/usr/qt/3/doc/man:/opt/vmware/man"
OPENGL_PROFILE="nvidia"
PAGER="/usr/bin/less"
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/athena/sbin:/usr/i686-pc-linux-gnu/gcc-bin/3.3.6:/opt/blackdown-jdk-1.4.2.03/bin:/opt/blackdown-jdk-1.4.2.03/jre/bin:/usr/kde/3.5/sbin:/usr/kde/3.5/bin:/usr/qt/3/bin:/opt/vmware/bin:/var/qmail/bin"
PKGDIR="/usr/portage/packages"
PORTAGE_ARCHLIST="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 ppc-macos s390 sh sparc x86 x86-fbsd"
PORTAGE_BINHOST_CHUNKSIZE="3000"
PORTAGE_CALLER="emerge"
PORTAGE_GID="250"
PORTAGE_MASTER_PID="25526"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PRELINK_PATH=""
PRELINK_PATH_MASK="/usr/lib/gstreamer-0.8"
PWD="/data/media/duy/mp3"
PYTHONDOCS="/usr/share/doc/python-docs-2.4.2/html"
PYTHONPATH="/usr/lib/portage/pym"
QMAIL_CONTROLDIR="/var/qmail/control"
QMAKESPEC="linux-g++"
QTDIR="/usr/qt/3"
RESUMECOMMAND="/usr/bin/wget -c -t 5 --passive-ftp -P ${DISTDIR} ${URI}"
RPMDIR="/usr/portage/rpm"
RSYNC_RETRIES="3"
RSYNC_TIMEOUT="180"
SANE_CONFIG_DIR="/etc/sane.d"
SESSION_MANAGER="local/warehouse:/tmp/.ICE-unix/10498"
SGML_CATALOG_FILES="/etc/sgml/sgml-docbook.cat:/etc/sgml/openjade-1.3.2.cat:/etc/sgml/xml-docbook-4.4.cat:/etc/sgml/sgml-ent.cat:/etc/sgml/xml-simple-docbook-1.0.cat:/etc/sgml/xml-simple-docbook-4.1.2.4.cat:/etc/sgml/xml-docbook-4.1.2.cat:/etc/sgml/sgml-docbook-3.0.cat:/etc/sgml/sgml-docbook-3.1.cat:/etc/sgml/sgml-docbook-4.0.cat:/etc/sgml/sgml-docbook-4.1.cat:/etc/sgml/sgml-docbook-4.2.cat:/etc/sgml/sgml-docbook-4.4.cat:/etc/sgml/sgml-lite.cat:/etc/sgml/dsssl-docbook-stylesheets.cat"
SHELL="/bin/bash"
SHLVL="3"
STAGE1_USE="-nptl"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
TERM="xterm"
USE="X aalib acl acpi ada adns aim alsa apache2 apm arts audiofile bitmap-fonts bzip2 bzlib caps cdr cli cpdflib crypt cscope cups curl dba dga dio directfb divx4linux doc dri dts dvd dvdr eds emacs emboss encode ethereal exif expat fam fbcon ffmpeg flac foomaticdb fortran freetds ftp gd ggi gif gimpprint glut gmp gnutls gphoto2 gpm gstreamer gtk2 gtkhtml icq idn imagemagick imap imlib inifile isdnlog jabber java jpeg junit kde kerberos krb4 lcms ldap lesstif libcaca libwww linguas_fr linguas_tr lirc mad maildir matroska mhash mime mmx mmxext mng mozilla mp3 mpeg msn mysql ncurses nls nvidia oav odbc ogg oggvorbis openal opengl oscar oss pam pam-mysql pcre perl php png postgres ppds pppd python qt qt3 qt4 quicktime readline real reflection samba sasl scanner session shared slang slp sockets socks5 spell spl sql sse sse2 ssl subversion svg svga tcltk tcpd tetex threads tiff tokenizer truetype truetype-fonts type1-fonts unicode usb vhosts videos vorbis win32codecs wmf x86 xanim xine xml xml2 xmms xorg xv xvid yahoo zlib userland_GNU kernel_linux elibc_glibc"
USER="root"
USERLAND="GNU"
USE_EXPAND="FRITZCAPI_CARDS FCDSL_CARDS VIDEO_CARDS DVB_CARDS LIRC_DEVICES INPUT_DEVICES LINGUAS USERLAND KERNEL ELIBC"
WINDOWID="27262981"
XARGS="xargs -r"
XAUTHORITY="/root/.xauthjbOn4R"
XCURSOR_THEME="default"
XDG_CONFIG_DIRS="/usr/kde/3.5/etc/xdg"
XDG_DATA_DIRS="/usr/kde/3.5/share:/usr/share"
XDM_MANAGED="/var/run/xdmctl/xdmctl-:0,maysd,mayfn,sched,rsvd,method=classic"
XINITRC="/etc/X11/xinit/xinitrc"
XPSERVERLIST=""
_="/usr/bin/emerge"
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-09-04 07:26:35 UTC
qmail please advise.
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2006-09-04 07:39:16 UTC
Umm, what are you smoking?
defaultdelivery does not contain any passwords at all.

$ cat /var/qmail/control/defaultdelivery
# Uncomment the next line for .forward support
#|dot-forward .forward
./.maildir/
Comment 3 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2006-09-04 07:49:50 UTC
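Maybe he meant smtproutes, but there are no passwords in there by default, and if the user changes something, it's up to him to configure his stuff correctly — for example, by tightening the file's permissions so that it is no longer world-readable once it holds credentials.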