Wed Apr 17 02:54:04 UTC 2002
Vernon Schryver <firstname.lastname@example.org> writes:

> It occurred to me that with a setUID=0 dccproc, you could play games
> like `dccproc -h /etc -w passwd` or `dccproc -w /etc/shadow`

I figured you were protecting against something like that but didn't have time to really understand the code. Maybe it should only look in the user ~/.dcc/whiteclnt and if missing look in the system one? That way no paths are necessary and can't be subverted. Just a thought. (Hmmm, 'course some twit could do a "ln -s /etc/passwd ~/.dcc/whiteclnt")-:

> What's the name of the dcc user, root?

Yeah, my bad: from /var/dcc/dcc_conf:

    DCCUID=root

I need to change that. Kinda why I'm working on a port, so FreeBSD folks can just do a "cd /usr/ports/mail/dcc-dccproc && make install clean" and all this would be done for them -- accounts, config edits, the couple commands an anon client needs to set up, like "cdcc new map" and "cdcc add <servername>". They still gotta integrate with their MTA and/or MUA but that's too variable to script an install.

> What is the compiled-in DCC home directory?

The default, /var/dcc. The port I'm doing tries to conform to FreeBSD's conventions: almost everything goes in /usr/local, so I could put it in /usr/local/dcc/... But that's another topic.

> How is the whitelist file specified, with -w /home/chris/.dcc/whiteclnt ?
> If it couldn't open it later, it shouldn't have been able to create it
> I just tried what I understand to be the bad case, and the created
> whiteclnt.dccw is owned by the real instead of the setUID UID of dccproc.

That -w line is what I used, an absolute path. I can try it again tomorrow and see if dccproc creates a root-owned whiteclnt.dccw.

> ] chris@thanatos(276> cat /tmp/email2 |dccproc -Q -w whiteclnt
>
> Why is `cat` used? If it's not because that's a better simulation of
> the operational environment, there is `dccproc -i /tmp/mail2`

You're right, I shouldda used "-i". Seems like the same effect, and same "p=" artifact.

> Did you copy to whiteclnt or whitelcnt.dccw ?

Just the "whiteclnt", then dccproc created "whiteclnt.dccw", which it complained about the size of.
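
Added example, not part of the original message and not dccproc code: one way a set-UID program can open a user-named whitelist so that neither `-w /etc/shadow` nor a symlinked `~/.dcc/whiteclnt` gains anything from the elevated UID. The helper name `open_user_whitelist` and the owner check are assumptions made for illustration, and only the UID (not a set-GID bit) is handled.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not a dccproc function. Returns an fd, or -1 with errno set. */
int open_user_whitelist(const char *path)
{
    uid_t ruid = getuid(), saved_euid = geteuid();
    struct stat st;
    int fd, err;

    /* Open with the invoking user's rights, so a path the user cannot
     * read fails exactly as it would without the set-UID bit. */
    if (seteuid(ruid) != 0)
        return -1;
    /* O_NOFOLLOW refuses a symlink as the final component (ELOOP);
     * O_NONBLOCK avoids hanging if the path names a FIFO. */
    fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    err = errno;
    if (seteuid(saved_euid) != 0) {     /* cannot restore: fail closed */
        if (fd >= 0)
            close(fd);
        return -1;
    }
    if (fd < 0) {
        errno = err;
        return -1;
    }
    /* fstat() the opened object rather than stat() the path, so the file
     * cannot be swapped between the check and the use. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != ruid) {
        close(fd);
        errno = EACCES;
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_user_whitelist(argc > 1 ? argv[1] : "whiteclnt");
    if (fd < 0)
        perror("whitelist rejected");
    return fd < 0 ? EXIT_FAILURE : close(fd);
}
```

A derived file such as whiteclnt.dccw would need the same treatment when it is created (real-UID privileges, `O_CREAT | O_EXCL | O_NOFOLLOW`) for the result to hold on the write side as well.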