procmail

Re: Permissions in the spool

1996-10-07 20:02:40
Chris Dent <cdent(_at_)detritus(_dot_)ucs(_dot_)indiana(_dot_)edu> writes:
> procmail when writing to a user's spool file in a spool that is 1777
> wants to write the file 600.
>
> when the directory is 775 or something similar to that it is willing
> to write it 660.
>
> Due to some prior constraints we need to maintain the mail spool
> directories on the machines in question as 1777.
> ...
> But I'm afraid I can't figure out what to change. The source seems to
> indicate that the screenmailbox function in misc.c controls what is
> going on but from what I can tell it doesn't give much choice, i.e. it
> throws away group write if the directory is world writable no matter
> what.

Not quite.  To very selectively quote the source:

...
  if(!stat(buf,&stbuf))
   { unsigned wwsdir;
     if(accspooldir=(wwsdir=                    /* world writable spool dir? */
           (stbuf.st_mode&(S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH))==
           (S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH))
          <<1|                                           /* note it in bit 1 */
         uid==stbuf.st_uid)        /* we own the spool dir, note it in bit 0 */
#ifdef TOGGLE_SGID_OK
        ;
#endif
        rcst_nosgid();                       /* we don't *need* setgid privs */


At this point uid contains the effective user that procmail is running
under, and buf contains the path of the mailspool (e.g., /var/mail).
Since your spool directory has at least perms 777, wwsdir will be
set to at least 2.


     if(uid!=stbuf.st_uid&&              /* we don't own the spool directory */
        (stbuf.st_mode&S_ISGID||!wwsdir))         /* it's not world writable */
      { if(stbuf.st_gid==egid)                   /* but we have setgid privs */
           doumask(GROUPW_UMASK);                  /* make it group-writable */
        goto keepgid;
      }


Now since you want the "doumask(GROUPW_UMASK)" to execute, 3 conditions will
have to be met:

1)      procmail's effective uid must _not_ match that of the spool directory
2)      the setgid bit (S_ISGID) must be set on the spool directory
3)      procmail's effective gid must match that of the spool directory


Meeting the second of those conditions is rather straightforward:
        chmod g+s /the/spool/directory

The last condition means that procmail should be setgid mail and
the spool directory should be group mail (if it isn't already).

Now the first condition is sorta tough.  procmail either needs to *not*
be setuid root, or the spool directory needs to be owned by someone
other than root.  I'd lean towards the first myself, but it's your
call.

I believe that under those constraints, procmail should deliver with
mode 660.

Philip Guenther
