author | spz <spz> | 2011-01-29 17:16:32 +0000 |
---|---|---|
committer | spz <spz> | 2011-01-29 17:16:32 +0000 |
commit | 7ce2c2af134fba657dfc1a63f335c714ff1ec67a (patch) | |
tree | 8f371f840998ef7bec280bb629c014af74b4f6ed /mail | |
parent | 9f339f508dfbbc1d611f3813cf35f8ae25628604 (diff) | |
download | pkgsrc-7ce2c2af134fba657dfc1a63f335c714ff1ec67a.tar.gz |
stop majordomo from chowning /var/tmp to user majordom due to a superannuated
default in mk/defaults/mk.conf
remove the non-shared defaults and put in the setting that actually gets
used by more than one package (namely, MAJORDOMO_HOMEDIR)
don't make the majordom user own more than it actually needs to
make resend, archive, request-answer and medit honor the MAJORDOMO_CF
environment variable over the command line option, so that someone calling
these via the wrapper (which sets the environment variable) can't make
the majordom user execute arbitrary perl code by passing a file of their own as the config file.
Thanks to salo for finding this issue.
Diffstat (limited to 'mail')
-rw-r--r-- | mail/distribute/Makefile | 8 | ||||
-rw-r--r-- | mail/majordomo/MESSAGE | 10 | ||||
-rw-r--r-- | mail/majordomo/Makefile | 34 | ||||
-rw-r--r-- | mail/majordomo/distinfo | 14 | ||||
-rw-r--r-- | mail/majordomo/patches/patch-aa | 10 | ||||
-rw-r--r-- | mail/majordomo/patches/patch-ab | 28 | ||||
-rw-r--r-- | mail/majordomo/patches/patch-af | 36 | ||||
-rw-r--r-- | mail/majordomo/patches/patch-ag | 30 | ||||
-rw-r--r-- | mail/majordomo/patches/patch-ah | 29 | ||||
-rw-r--r-- | mail/majordomo/patches/patch-ai | 13 |
10 files changed, 161 insertions, 51 deletions
diff --git a/mail/distribute/Makefile b/mail/distribute/Makefile index 81d697e19b2..4623ccf2262 100644 --- a/mail/distribute/Makefile +++ b/mail/distribute/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.23 2010/02/04 01:57:26 joerg Exp $ +# $NetBSD: Makefile,v 1.24 2011/01/29 17:16:33 spz Exp $ DISTNAME= distribute-2.1-pl19 PKGNAME= distribute-2.1.26 @@ -28,9 +28,9 @@ DIST_SUBDIR= distribute PATCH_DIST_STRIP= -p1 # customize below if you would like to -# mail/majordomo likes this -MAJORDOMO_DIR= /home/majordom -MAJORDOMO_LIST_DIR= ${MAJORDOMO_DIR}/lists +# this needs to be the same as majordomo uses +MAJORDOMO_HOMEDIR?= ${VARBASE}/majordomo +MAJORDOMO_LIST_DIR= ${MAJORDOMO_HOMEDIR}/lists # just as example, you may disagree with these MAILINGLIST_DIR= /var/mail-list ARCHIVE_DIR= /var/spool/mail-list diff --git a/mail/majordomo/MESSAGE b/mail/majordomo/MESSAGE index a52bb2083dc..926454a9dd9 100644 --- a/mail/majordomo/MESSAGE +++ b/mail/majordomo/MESSAGE @@ -1,5 +1,5 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.6 2010/10/30 23:48:35 spz Exp $ +$NetBSD: MESSAGE,v 1.7 2011/01/29 17:16:33 spz Exp $ Before you can use Majordomo, you will need to complete a few steps manually: @@ -54,5 +54,13 @@ manually: - add entries in /etc/newsyslog.conf to rotate the log in ${HOME}/Log if necessary. ++++++++++++++++++++++++++++ UPDATERS NOTICE +++++++++++++++++++++++++++++++ + +for resend, archive, request-answer and medit, the environment setting for +majordomo.cf now overrides the value given on the command line with -C; +this is a cheap (and ugly) fix for a vulnerability. Since that environment +variable is compiled into the wrapper program, the listed perl programs +will be locked to ${MAJORDOMO_CF} when started via the wrapper. + Enjoy Majordomo! =========================================================================== diff --git a/mail/majordomo/Makefile b/mail/majordomo/Makefile index e34bed327f0..282c720a1f3 100644 
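Review bot: `MAJORDOMO_HOMEDIR?= ${VARBASE}/majordomo` re-states a default that the commit message says now lives in mk/defaults/mk.conf, and a `?=` only defers to the user's mk.conf value if `bsd.prefs.mk` has already been included at this point, which the hunk does not show. If it has not, the fallback here silently wins and `MAJORDOMO_LIST_DIR` can end up pointing at a tree that mail/majordomo never reads. I'd either confirm the include order or drop the value and leave a comment such as `# MAJORDOMO_HOMEDIR comes from mk/defaults/mk.conf; it must match mail/majordomo` in its place.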
--- a/mail/majordomo/Makefile +++ b/mail/majordomo/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.40 2010/11/10 07:51:36 spz Exp $ +# $NetBSD: Makefile,v 1.41 2011/01/29 17:16:33 spz Exp $ DISTNAME= majordomo-1.94.5 -PKGREVISION= 10 +PKGREVISION= 11 CATEGORIES= mail MASTER_SITES= ftp://ftp.sgi.com/other/majordomo/1.94.5/ \ ftp://ftp-europe.sgi.com/other/majordomo/1.94.5/ @@ -71,15 +71,15 @@ USERGROUP_PHASE= configure PKG_GROUPS= ${MAJORDOMO_GROUP} PKG_USERS= ${MAJORDOMO_USER}:${MAJORDOMO_GROUP} OWN_DIRS_PERMS+= ${MAJORDOMO_HOMEDIR} \ - ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0775 + ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0755 OWN_DIRS_PERMS+= ${MAJORDOMO_HOMEDIR}/archives \ - ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0775 + ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0755 OWN_DIRS_PERMS+= ${MAJORDOMO_HOMEDIR}/digests \ - ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0775 + ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0755 OWN_DIRS_PERMS+= ${MAJORDOMO_HOMEDIR}/lists \ - ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0775 + ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0755 OWN_DIRS_PERMS+= ${MAJORDOMO_TMPDIR} \ - ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0775 + ${MAJORDOMO_USER} ${MAJORDOMO_GROUP} 0755 CONFIGURE_SED= -e "s|@PREFIX@|${PREFIX}|g" \ -e "s|@PERL@|${PERL5}|g" \ 
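Review bot: `${MAJORDOMO_TMPDIR}` is now registered as 0755 owned by `${MAJORDOMO_USER}`, so only that user can create files in it. That is the right mode for a private work directory, but the hunk does not show where `MAJORDOMO_TMPDIR` is defined; if it can still resolve to a shared location such as the /var/tmp case the commit message describes, the package would now tighten a system directory rather than merely stop chowning it. A guard comment beside the definition, e.g. `# must be a directory private to majordomo, never a shared tmp dir`, would make the assumption visible to the next updater.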
@@ -126,28 +126,28 @@ post-install: ${INSTALL_DATA} ${WRKSRC}/Doc/${file} ${DESTDIR}${DOCDIR}/${file} .endfor ${INSTALL_DATA} ${WRKSRC}/post-install-notes ${DESTDIR}${DOCDIR}/post-install-notes - ${INSTALL} -d -m 775 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} ${DESTDIR}${EXAMPLEDIR} + ${INSTALL} -d -m 755 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} ${DESTDIR}${EXAMPLEDIR} .for dir in ${EXDIRS} - ${INSTALL} -d -m 775 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} ${DESTDIR}${EXAMPLEDIR}/${dir} + ${INSTALL} -d -m 755 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} ${DESTDIR}${EXAMPLEDIR}/${dir} .endfor - ${INSTALL_DATA} -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ - ${WRKSRC}/aliases.majordomo ${DESTDIR}${EXAMPLEDIR}/aliases.majordomo - ${INSTALL_DATA} -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ + ${INSTALL_DATA} ${WRKSRC}/aliases.majordomo \ + ${DESTDIR}${EXAMPLEDIR}/aliases.majordomo + ${INSTALL} -m 644 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ ${FILESDIR}/keep_me ${DESTDIR}${EXAMPLEDIR}/archives/example-l/.keep_me - ${INSTALL_DATA} -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ + ${INSTALL} -m 644 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ ${FILESDIR}/keep_me ${DESTDIR}${EXAMPLEDIR}/digests/example-l-digest/.keep_me .for file in ${EXFILES} - ${INSTALL_DATA} -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ + ${INSTALL} -m 644 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ ${FILESDIR}/${file} ${DESTDIR}${EXAMPLEDIR}/lists/${file} .endfor .for file in ${EXLISTS} - ${INSTALL} -m 664 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ + ${INSTALL} -m 644 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ /dev/null ${DESTDIR}${EXAMPLEDIR}/lists/${file} .endfor ${LN} -sf example-l.info ${DESTDIR}${EXAMPLEDIR}/lists/example-l-digest.info ${LN} -sf example-l.passwd ${DESTDIR}${EXAMPLEDIR}/lists/example-l-digest.passwd - ${INSTALL_DATA} -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP} \ - ${WRKSRC}/majordomo.cf ${DESTDIR}${EXAMPLEDIR}/majordomo.cf + ${INSTALL_DATA} ${WRKSRC}/majordomo.cf \ + 
${DESTDIR}${EXAMPLEDIR}/majordomo.cf # verify installation; requires interaction test: install diff --git a/mail/majordomo/distinfo b/mail/majordomo/distinfo index 87a070b1e51..6d008586d5c 100644 --- a/mail/majordomo/distinfo +++ b/mail/majordomo/distinfo @@ -1,17 +1,17 @@ -$NetBSD: distinfo,v 1.12 2010/11/10 07:51:36 spz Exp $ +$NetBSD: distinfo,v 1.13 2011/01/29 17:16:33 spz Exp $ SHA1 (majordomo-1.94.5.tgz) = 44b18c7b9133f2cd992f6e718551d613d9d45c00 RMD160 (majordomo-1.94.5.tgz) = 7f6b48fb5cc5b23948133658b055588d0d6608c4 Size (majordomo-1.94.5.tgz) = 312244 bytes -SHA1 (patch-aa) = 884e1ffa5e8cebef17328d0e6d5a7dc498ba72c0 -SHA1 (patch-ab) = 68bdbd77029ebd8f113c492e50e60aa7efb35de9 +SHA1 (patch-aa) = 2be639e71d75780f82d2d6364431d7d40d97ba94 +SHA1 (patch-ab) = eca7461ea2f092130a50a89888f98fe45d1ddf79 SHA1 (patch-ac) = bea997e785b2656b1660a11efce759a56a700ab2 SHA1 (patch-ad) = 65370547240539128a405484e98c7ed15a869464 SHA1 (patch-ae) = 3957e2725fdf1e693236a9517e6e24ed61c0691e -SHA1 (patch-af) = b4a50a472a16eead08c189f68d47d2cf136308c6 -SHA1 (patch-ag) = b469a639270d369732e75e6ae4df7f559e9c436e -SHA1 (patch-ah) = 666b52100cb50a948c145da0ba83c197386cbd1e -SHA1 (patch-ai) = 530a33b788960f288eaa5c065b26fe27b5ed8c7e +SHA1 (patch-af) = 4637ede790e48be99ef4ee6883057dd9c47051b1 +SHA1 (patch-ag) = 3e89057efe5d76700d773759bff8e9d2be207a99 +SHA1 (patch-ah) = 2a5a36c0c4a0612342c7156ee949a26eaeaf133f +SHA1 (patch-ai) = 50d29659f54c86be1c6f6d93732419f1bac8c435 SHA1 (patch-aj) = 2185ba182561ca3e003fa0879e696092c3b237fd SHA1 (patch-ak) = b33b0fc9e013642cc842c6d7ee70f590281764ae SHA1 (patch-al) = 776088c5916b1b0516e8abaecd69870ba57f4a76 diff --git a/mail/majordomo/patches/patch-aa b/mail/majordomo/patches/patch-aa index 89f298e355d..5706558e458 100644 --- a/mail/majordomo/patches/patch-aa +++ b/mail/majordomo/patches/patch-aa 
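Review bot: The invocation `${INSTALL} -m 644 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP}` is spelled out four times in this hunk, for the two `.keep_me` files, `${EXFILES}` and `${EXLISTS}`. Defining it once, `INSTALL_MJ_DATA= ${INSTALL} -m 644 -o ${MAJORDOMO_USER} -g ${MAJORDOMO_GROUP}`, keeps mode and ownership in a single place so they cannot drift apart again. `aliases.majordomo` and `majordomo.cf` deliberately go in via plain `${INSTALL_DATA}` without the majordomo owner; since majordomo.cf is executed as Perl by the scripts, a one-line comment stating that it must not be writable by the majordomo user would explain why those two differ from their neighbours. The enclosing `post-install:` target starts before this hunk.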
@@ -1,4 +1,4 @@ -$NetBSD: patch-aa,v 1.5 2010/10/30 23:48:36 spz Exp $ +$NetBSD: patch-aa,v 1.6 2011/01/29 17:16:33 spz Exp $ warp the Makefile template to fit into pkgsrc @@ -40,15 +40,17 @@ warp the Makefile template to fit into pkgsrc EXEC_MODE = 755 HOME_MODE = 751 -@@ -41,7 +43,7 @@ HOME_MODE = 751 +@@ -41,8 +43,8 @@ HOME_MODE = 751 # BSDI or other 4.4-based BSD, Linux) use the following four lines. Do not # change these values! WRAPPER_OWNER = root -WRAPPER_GROUP = $(W_GROUP) +-WRAPPER_MODE = 4755 +WRAPPER_GROUP = $(W_MAJORDOMO_GROUP) - WRAPPER_MODE = 4755 ++WRAPPER_MODE = 4555 POSIX = -DPOSIX_UID=$(W_USER) -DPOSIX_GID=$(W_GROUP) # Otherwise, if your system is NOT POSIX (e.g. SunOS 4.x, SGI Irix 4, + # HP DomainOS) then comment out the above four lines and uncomment @@ -62,11 +64,14 @@ POSIX = -DPOSIX_UID=$(W_USER) -DPOSIX_GI # parent process, and without the leading "W_" in the variable names) gets # passed to processes run by "wrapper" @@ -83,7 +85,7 @@ warp the Makefile template to fit into pkgsrc shlock.pl config-test archive2.pl digest -INSTALL_FLAGS = -O $(W_USER) -g $(W_GROUP) -+INSTALL_FLAGS = -O $(W_MAJORDOMO_USER) -g $(W_MAJORDOMO_GROUP) ++INSTALL_FLAGS = -O root -g $(W_MAJORDOMO_GROUP) default: @echo "make what?" diff --git a/mail/majordomo/patches/patch-ab b/mail/majordomo/patches/patch-ab index faf6a3ee621..7843e957e05 100644 --- a/mail/majordomo/patches/patch-ab +++ b/mail/majordomo/patches/patch-ab 
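Review bot: The patch header still reads only `warp the Makefile template to fit into pkgsrc`, while the new content changes the trust model: `INSTALL_FLAGS = -O root -g $(W_MAJORDOMO_GROUP)` makes the installed scripts root-owned and `WRAPPER_MODE = 4555` drops the owner write bit on the root-owned setuid wrapper. pkgsrc patches are expected to explain their purpose in that header, and it is the only place a future updater will learn why the scripts are no longer owned by the majordomo user. I'd add a line such as `install the scripts root-owned and the wrapper read-only, so the unprivileged majordomo user cannot modify code that later runs under its identity` after the `$NetBSD` line.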
@@ -1,10 +1,30 @@ -$NetBSD: patch-ab,v 1.1.1.1 1999/06/08 17:51:26 bad Exp $ +$NetBSD: patch-ab,v 1.2 2011/01/29 17:16:33 spz Exp $ ---- ./archive2.pl.orig Wed Aug 27 09:07:44 1997 -+++ ./archive2.pl Tue Jun 8 10:55:12 1999 -@@ -61,4 +61,5 @@ +--- archive2.pl.orig 2000-01-07 11:00:49.000000000 +0000 ++++ archive2.pl +@@ -47,19 +47,23 @@ + # Change directory to our home + chdir($ENV{'HOME'}) if $ENV{'HOME'}; + +-# Read and execute the .cf file +-$cf = $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf"; ++# Read and execute the .cf file. For security reasons, let the environment win ++$cf = "/etc/majordomo.cf"; + if ($ARGV[0] eq "-C") { + $cf = $ARGV[1]; + shift(@ARGV); + shift(@ARGV); + } ++if ($ENV{"MAJORDOMO_CF"}) { ++ $cf = $ENV{"MAJORDOMO_CF"}; ++} + if (! -r $cf) { + die("$cf not readable; stopped"); + } + require "$cf"; # All these should be in the standard PERL library +unshift(@INC, $bindir); unshift(@INC, $homedir); require "ctime.pl"; # To get MoY definitions for month abbrevs + require "majordomo_version.pl"; # What version of Majordomo is this? diff --git a/mail/majordomo/patches/patch-af b/mail/majordomo/patches/patch-af index d2f283ffef0..4dfda5aa649 100644 --- a/mail/majordomo/patches/patch-af +++ b/mail/majordomo/patches/patch-af 
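Review bot: The new override `if ($ENV{"MAJORDOMO_CF"}) { $cf = $ENV{"MAJORDOMO_CF"}; }` is a truthiness test, so an environment where the variable is exported empty (or as `0`) falls back to whatever `-C` supplied, and that path is still passed to `require "$cf"` as Perl. Since the fix rests entirely on the wrapper's environment winning, it should fail closed: `if (defined $ENV{"MAJORDOMO_CF"}) { $cf = $ENV{"MAJORDOMO_CF"}; }` makes an empty value reach the existing `! -r $cf` check and die instead. The same pattern is added in patch-af (majordomo), patch-ag (medit) and patch-ah (request-answer), and patch-ai's `$cf = $ENV{"MAJORDOMO_CF"} || $opt_C || $opt_c || ...` has the same fall-through on an empty value; patch-ai's hunk runs past the end of this view. The added comment should also say that `-C` is now only honoured when the script is run directly and not via the wrapper, since the MESSAGE text states this but the code does not.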
@@ -1,8 +1,34 @@ -$NetBSD: patch-af,v 1.4 2010/10/30 23:48:36 spz Exp $ +$NetBSD: patch-af,v 1.5 2011/01/29 17:16:33 spz Exp $ ---- majordomo.orig Sat Nov 27 17:28:39 1999 -+++ majordomo Sat Nov 27 17:29:16 1999 -@@ -58,6 +58,7 @@ +--- majordomo.orig 2000-01-13 17:29:31.000000000 +0000 ++++ majordomo +@@ -24,8 +24,11 @@ + # The mj_ prefix is reserved for tools that are part of majordomo proper. + $main'program_name = 'mj_majordomo';#'; + +-# Read and execute the .cf file +-$cf = $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf"; ++# Read and execute the .cf file. for security reasons, make the env value win ++# (the wrapper will set the env value and setuid to majordomo. If you want ++# to test a config and are properly authorized, su to the majordomo user ++# and don't use the wrapper ++$cf = "/etc/majordomo.cf"; + + while ($ARGV[0]) { # parse for config file or default list + if ($ARGV[0] =~ /^-C$/i) { # sendmail v8 clobbers case +@@ -40,6 +43,11 @@ while ($ARGV[0]) { # parse for config fi + die "Unknown argument $ARGV[0]\n"; + } + } ++ ++if ($ENV{"MAJORDOMO_CF"}) { ++ $cf = $ENV{"MAJORDOMO_CF"}; ++} ++ + if (! -r $cf) { + die("$cf not readable; stopped"); + } +@@ -58,6 +66,7 @@ if (! -t STDERR) { print STDERR "$0: starting\n" if $DEBUG; # All these should be in the standard PERL library @@ -10,7 +36,7 @@ $NetBSD: patch-af,v 1.4 2010/10/30 23:48:36 spz Exp $ unshift(@INC, $homedir); require "ctime.pl"; # To get MoY definitions for month abbrevs require "majordomo_version.pl"; # What version of Majordomo is this? -@@ -1138,7 +1139,7 @@ +@@ -1095,7 +1104,7 @@ sub do_mkdigest { # The password is valid, so run digest open(DIGEST, diff --git a/mail/majordomo/patches/patch-ag b/mail/majordomo/patches/patch-ag index d68b1a67c4e..ccdfd01f6b8 100644 --- a/mail/majordomo/patches/patch-ag +++ b/mail/majordomo/patches/patch-ag 
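Review bot: The new comment block `# Read and execute the .cf file. for security reasons, make the env value win` / `# (the wrapper will set the env value and setuid to majordomo. If you want ...` opens a parenthesis it never closes and mixes sentence case, yet it is the only one of the five patched scripts that records the rationale at all. Tightening it to `# Read and execute the .cf file. The environment wins over -C on purpose: the wrapper sets MAJORDOMO_CF before switching to the majordomo user, so a caller cannot substitute a config file of their own. To test another config, run this script directly as that user.` keeps the reasoning readable next to the code. The shorter `let the environment win` comments in patch-ab, patch-ag and patch-ah would benefit from the same wording.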
@@ -1,10 +1,32 @@ -$NetBSD: patch-ag,v 1.1.1.1 1999/06/08 17:51:26 bad Exp $ +$NetBSD: patch-ag,v 1.2 2011/01/29 17:16:33 spz Exp $ ---- ./medit.orig Mon Apr 28 12:38:05 1997 -+++ ./medit Tue Jun 8 10:55:13 1999 -@@ -30,4 +30,5 @@ +--- medit.orig 1997-04-28 18:38:05.000000000 +0000 ++++ medit +@@ -16,19 +16,25 @@ + # set our path explicitly + $ENV{'PATH'} = "/bin:/usr/bin:/usr/ucb"; + +-# Read and execute the .cf file +-$cf = $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf"; ++# Read and execute the .cf file. Let the environment variable win ++$cf = "/etc/majordomo.cf"; + if ($ARGV[0] eq "-C") { + $cf = $ARGV[1]; + shift(@ARGV); + shift(@ARGV); + } ++ ++if ($ENV{"MAJORDOMO_CF"}) { ++ $cf = $ENV{"MAJORDOMO_CF"}; ++} ++ + if (! -r $cf) { + die("$cf not readable; stopped"); + } + require "$cf"; # All these should be in the standard PERL library +unshift(@INC, $bindir); unshift(@INC, $homedir); require "shlock.pl"; # NNTP-style file locking + require "majordomo.pl"; diff --git a/mail/majordomo/patches/patch-ah b/mail/majordomo/patches/patch-ah index f4ce9534e87..66d13029620 100644 --- a/mail/majordomo/patches/patch-ah +++ b/mail/majordomo/patches/patch-ah 
@@ -1,10 +1,31 @@ -$NetBSD: patch-ah,v 1.1.1.1 1999/06/08 17:51:26 bad Exp $ +$NetBSD: patch-ah,v 1.2 2011/01/29 17:16:33 spz Exp $ ---- ./request-answer.orig Mon Dec 9 09:50:20 1996 -+++ ./request-answer Tue Jun 8 10:55:13 1999 -@@ -27,4 +27,5 @@ +--- request-answer.orig 2000-01-07 11:10:18.000000000 +0000 ++++ request-answer +@@ -13,19 +13,24 @@ + # PATH it is set in the wrapper, so there is no need to set it here. + #$ENV{'PATH'} = "/bin:/usr/bin:/usr/ucb"; + +-# Read and execute the .cf file +-$cf = $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf"; ++# Read and execute the .cf file. For security reasons, let the environment win ++$cf = "/etc/majordomo.cf"; + if ($ARGV[0] eq "-C") { + $cf = $ARGV[1]; + shift(@ARGV); + shift(@ARGV); + } ++if ($ENV{"MAJORDOMO_CF"}) { ++ $cf = $ENV{"MAJORDOMO_CF"}; ++} ++ + if (! -r $cf) { + die("$cf not readable; stopped"); + } + require "$cf"; chdir($homedir) || die("Can't chdir(\"$homedir\"): $!"); +unshift(@INC, $bindir); unshift(@INC, $homedir); require "shlock.pl"; + require "majordomo.pl"; diff --git a/mail/majordomo/patches/patch-ai b/mail/majordomo/patches/patch-ai index aa612588008..270e1f9ec11 100644 --- a/mail/majordomo/patches/patch-ai +++ b/mail/majordomo/patches/patch-ai @@ -1,7 +1,18 @@ -$NetBSD: patch-ai,v 1.2 2010/11/09 07:09:59 spz Exp $ +$NetBSD: patch-ai,v 1.3 2011/01/29 17:16:33 spz Exp $ --- resend.orig 2000-01-07 15:32:39.000000000 +0000 +++ resend +@@ -78,8 +78,8 @@ if (! defined($opt_l)) { + die("resend: must specify '-l list'"); + } + +-# Read and execute the .cf file +-$cf = $opt_C || $opt_c || $ENV{"MAJORDOMO_CF"} || "/etc/majordomo.cf"; ++# Read and execute the .cf file. For security reasons, let the environment win ++$cf = $ENV{"MAJORDOMO_CF"} || $opt_C || $opt_c || "/etc/majordomo.cf"; + + # Despite not having a place to send the remains of the body, + # it would be nice to send a message to root or postmaster, at least... 
@@ -92,6 +92,7 @@ require "$cf"; chdir($homedir) || die("Can't chdir(\"$homedir\"): $!"); |