Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2007/03/04 18:41:28 UTC
[Bug 5365] New: spamd child falling back to nobody attempts to use previous user's database
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
Summary: spamd child falling back to nobody attempts to use
previous user's database
Product: Spamassassin
Version: 3.1.7
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P5
Component: spamc/spamd
AssignedTo: dev@spamassassin.apache.org
ReportedBy: mark-clist@npsl.co.uk
incoming message processed for user 'xxx':
Mar 4 16:33:53 hostname spamd[5227]: spamd: connection from localhost
[127.0.0.1] at port 39629
Mar 4 16:33:53 hostname spamd[5227]: spamd: setuid to xxx succeeded
Mar 4 16:33:53 hostname spamd[5227]: spamd: processing message <a...@b> for xxx:1677
Mar 4 16:33:55 hostname spamd[5227]: spamd: clean message (-0.1/5.0) for
xxx:1677 in 1.3 seconds, 4360 bytes.
Mar 4 16:33:55 hostname spamd[5227]: spamd: result: ...
then later on for a user that doesn't exist:
Mar 4 16:39:09 hostname spamd[5227]: spamd: connection from localhost
[127.0.0.1] at port 39791
Mar 4 16:39:09 hostname spamd[5227]: spamd: handle_user unable to find user:
'test'
Mar 4 16:39:09 hostname spamd[5227]: spamd: still running as root: user not
specified with -u, not found, or set to root, falling back to nobody at
/usr/sbin/spamd line 1147, <GEN193> line 4.
Mar 4 16:39:09 hostname spamd[5227]: spamd: checking message <c...@d> for test:65534
Mar 4 16:39:09 hostname spamd[5227]: mkdir /home/xxx/.spamassassin: Permission
denied at /usr/share/perl5/Mail/SpamAssassin.pm line 1530
Mar 4 16:39:09 hostname spamd[5227]: mkdir /home/xxx/.spamassassin: Permission
denied at /usr/share/perl5/Mail/SpamAssassin.pm line 1530
Mar 4 16:39:09 hostname spamd[5227]: locker: safe_lock: cannot create tmp
lockfile /home/xxx/.spamassassin/auto-whitelist.lock.hostname.org.5227 for
/home/xxx/.spamassassin/auto-whitelist.lock: Permission denied
Mar 4 16:39:09 hostname spamd[5227]: auto-whitelist: open of auto-whitelist
file failed: locker: safe_lock: cannot create tmp lockfile
/home/xxx/.spamassassin/auto-whitelist.lock.hostname.org.5227 for
/home/xxx/.spamassassin/auto-whitelist.lock: Permission denied
Mar 4 16:39:09 hostname spamd[5227]: spamd: identified spam (12.9/5.0) for
test:65534 in 0.6 seconds, 2876 bytes.
Mar 4 16:39:09 hostname spamd[5227]: spamd: result: ...
This is consistent in that it will always be looking in
$PREVIOUS_VALID_USER/.spamassassin rather than $NOBODYS_HOME/.spamassassin.
I have had a poke around in the code and it looks something like
signal_user_changed should be called from handle_setuid_to_user but I am not
certain of the correct resolution. I don't think this will cause any security
issues unless somebody has set their db files to be o+rw (which would be a hole
in itself).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
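A log check for the symptom reported above, as an added example that is not part of the original report or of SpamAssassin: it tracks, per spamd child PID, the user the child last switched to and flags any later line that names another user's .spamassassin directory. The sample lines are constructed from the log format in the report; the /home/<user> layout and the function name are assumptions.

```python
import re

# Constructed sample, modelled on the syslog lines in the report (not real data).
SAMPLE_LOG = """\
Mar 4 16:33:53 hostname spamd[5227]: spamd: setuid to xxx succeeded
Mar 4 16:33:53 hostname spamd[5227]: spamd: processing message <a@b> for xxx:1677
Mar 4 16:39:09 hostname spamd[5227]: spamd: handle_user unable to find user: 'test'
Mar 4 16:39:09 hostname spamd[5227]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/sbin/spamd line 1147, <GEN193> line 4.
Mar 4 16:39:09 hostname spamd[5227]: spamd: checking message <c@d> for test:65534
Mar 4 16:39:09 hostname spamd[5227]: mkdir /home/xxx/.spamassassin: Permission denied at /usr/share/perl5/Mail/SpamAssassin.pm line 1530
Mar 4 16:39:09 hostname spamd[5227]: locker: safe_lock: cannot create tmp lockfile /home/xxx/.spamassassin/auto-whitelist.lock.hostname.org.5227 for /home/xxx/.spamassassin/auto-whitelist.lock: Permission denied
Mar 4 16:39:10 hostname spamd[5228]: spamd: setuid to yyy succeeded
Mar 4 16:39:10 hostname spamd[5228]: locker: safe_lock: cannot create tmp lockfile /home/yyy/.spamassassin/auto-whitelist.lock.hostname.org.5228 for /home/yyy/.spamassassin/auto-whitelist.lock: Permission denied
"""

LINE = re.compile(r"spamd\[(?P<pid>\d+)\]:\s*(?P<msg>.*)")
SETUID = re.compile(r"spamd: setuid to (\S+) succeeded")
FALLBACK = "falling back to nobody"
# Assumption: per-user state lives under /home/<user>/.spamassassin.
USER_STATE = re.compile(r"/home/([^/\s]+)/\.spamassassin")


def find_stale_user_state(log_text):
    """Return (line_no, pid, effective_user, path_owner) for every line where
    a spamd child refers to a different user's .spamassassin directory."""
    effective = {}  # pid -> user the child most recently switched to
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        m = LINE.search(line)
        if not m:
            continue
        pid, msg = int(m["pid"]), m["msg"]
        switched = SETUID.search(msg)
        if switched:
            effective[pid] = switched.group(1)
        elif FALLBACK in msg:
            effective[pid] = "nobody"
        user = effective.get(pid)
        if user is None:
            continue  # no identity seen yet for this child; nothing to compare
        for owner in sorted(set(USER_STATE.findall(msg))):
            if owner != user:
                findings.append((line_no, pid, user, owner))
    return findings


if __name__ == "__main__":
    for finding in find_stale_user_state(SAMPLE_LOG):
        print("line %d: spamd[%d] running as %s referenced state of %s" % finding)
```

A child that only reports errors on its own user's directory (PID 5228 in the sample) is not flagged; only a mismatch between the last identity switch and the path owner is.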
[Bug 5365] spamd child falling back to nobody attempts to use previous user's database
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
------- Additional Comments From nugget@macnugget.org 2007-03-20 20:47 -------
I seem to have successfully "fixed the glitch" by replacing handle_setuid_to_user() as follows:
sub handle_setuid_to_user {
  # Paranoid mode closes the connection instead of falling back.
  if ($spamtest->{paranoid}) {
    die("spamd: in paranoid mode, still running as root: closing connection");
  }
  warn("spamd: still running as root: user not specified with -u, "
    . "not found, or set to root, falling back to nobody" );

  # Look up 'nobody'; its name and home directory are passed on below.
  my ($name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc) =
    getpwnam('nobody');

  $uid =~ /^(\d+)$/ and $uid = $1;    # de-taint
  $gid =~ /^(\d+)$/ and $gid = $1;    # de-taint

  $) = "$gid $gid";                   # eGID
  $> = $uid;                          # eUID
  if (!defined($uid) || ($> != $uid and $> != ($uid - 2**32))) {
    die("spamd: setuid to nobody failed");
  }

  # Tell SpamAssassin the user changed, so the previous user's
  # directory is no longer used.
  $spamtest->signal_user_changed(
    {
      username => $name,
      user_dir => $dir
    }
  );
}
[Bug 5365] spamd child falling back to nobody attempts to use previous user's database
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
------- Additional Comments From gdt@ir.bbn.com 2007-03-16 07:48 -------
I am also seeing this on NetBSD 3.1 (i386) with spamassassin
I think the problem is that we need to call $spamtest->signal_user_changed with
user_dir set to undef. spamd is correctly changing permissions, and thus may
be remembering only the directory.
[Bug 5365] spamd child falling back to nobody attempts to use previous user's database
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From jm@jmason.org 2007-03-21 06:30 -------
applied; let's see if it works ok ;)
: jm 1214...; svn commit -m "bug 5365: spamd child falling back to 'nobody' due
to unknown username passed from spamc, attempts to read previous user's bayes
dbs (and fails). fixed" spamd/spamd.raw
Sending spamd/spamd.raw
Transmitting file data .
Committed revision 520881.
[Bug 5365] spamd child falling back to nobody attempts to use previous user's database
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
nugget@macnugget.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |nugget@macnugget.org
[Bug 5365] spamd child falling back to nobody attempts to use previous user's database
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
------- Additional Comments From jm@jmason.org 2007-03-21 07:01 -------
confirmed: seems to work for me in 3.2.0.
[Bug 5365] spamd child falling back to nobody attempts to use previous user's database
Posted by bu...@bugzilla.spamassassin.org.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5365
jm@jmason.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|Undefined |3.2.0
------- Additional Comments From jm@jmason.org 2007-03-21 02:48 -------
need to check this on 3.2.0