You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by Brad Koehn <br...@koehn.com> on 2005/02/07 16:07:36 UTC
Bug 4086: When run as nobody, child processess get root privileges
I had difficulty posting this bug to bugzilla, and it doesn't look like
it's been assigned to anybody yet (although one person submitted a
patch). I'm not enough of a perl jockey (or BSD jockey, to tell the
truth) to fix it myself, but I'm very concerned that I've opened my
production SA server to attack while this bug remains open (to mitigate
the risk, I'm running SA on an isolated OS X box for the time being). If
somebody out there has the background, I'd really appreciate a patch.
Anyway, Here's the bug
(http://bugzilla.spamassassin.org/show_bug.cgi?id=4086):
When I installed SA-3.0.2, I noticed the following when running ps xauww:
nobody 9845 0.0 3.3 108920 36344 ?? Ss 7:55AM 0:17.21 /usr/bin/spamd
-dcx --virtual-config-dir=/var/spamassassin/%u -i 10.0.1.253 -A
10.0.1.254 -u nobody -r /var/run/spamd.pid
root 9854 0.0 6.0 112772 66908 ?? S 7:55AM 0:16.28 spamd child
root 9855 0.0 5.9 111752 66188 ?? S 7:55AM 0:12.65 spamd child
root 9856 0.0 6.0 111724 66412 ?? S 7:55AM 0:13.96 spamd child
root 9857 0.0 5.9 111696 65208 ?? S 7:55AM 0:10.44 spamd child
root 9858 0.0 5.9 111696 66264 ?? S 7:55AM 0:13.68 spamd child
Notice that the parent process is running as nobody like it's supposed
to, but all of the children are running as root. When it's first
started, the child processes run as nobody, but it seems that as they
process messages they are being promoted to run as root, and they stay
that way.
Now if there are any security holes in SA or any plugins, they are
exposed with root access to my machine (running Mac OS X Server 10.3.7
with all patches applied).