On Mon, May 25, 2020 at 11:07:12PM +0200, Dawid Czeluśniak wrote:
> After changing permissions of /var/mail directory to 755:
>
> $ chmod 755 /var/mail
>
> everything is fine and seteuid(2) is not called:
> 92121 lockspool NAMI "/var/mail/root.lock"
> 92121 lockspool RET unlink 0
> 92121 lockspool CALL kbind(0x7f7ffffc7f58,24,0xefbb72852ff02523)
> 92121 lockspool RET kbind 0
> 92121 lockspool CALL exit(0)
>
> Killing lockspool(1) by pledge(2) happens when permissions of /var/mail
> are greater than 755. Maybe it would be useful to give user an indication
> that it is the permission issue instead of killing the process by pledge?
>
> What do you think?

You obviously have a non-default config for this, nevertheless, this is supposedly a supported config according to getlock() which is actually living in mail.local's sources.

getlock()'s behaviour changes in the case of a writeable mail spool.

If we want to keep supporting this, we can modify the pledge as follows:

ok?

Index: lockspool.c =================================================================== RCS file: /cvs/src/libexec/lockspool/lockspool.c,v retrieving revision 1.21 diff -u -p -u -p -r1.21 lockspool.c --- lockspool.c 9 Feb 2020 14:59:20 -0000 1.21 +++ lockspool.c 25 May 2020 22:01:13 -0000 @@ -55,7 +55,7 @@ main(int argc, char *argv[]) if (unveil(_PATH_MAILDIR, "rwc") == -1) err(1, "unveil"); - if (pledge("stdio rpath wpath getpw cpath fattr", NULL) == -1) + if (pledge("id flock stdio rpath wpath getpw cpath fattr", NULL) == -1) err(1, "pledge"); openlog(__progname, LOG_PERROR, LOG_MAIL);
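
Review bot: the widened promise string in the pledge() call in main() grants "id" and "flock" unconditionally, so the default configuration, where the quoted ktrace shows seteuid(2) is never called, also keeps the ability to change ids for the whole run. A comment above the call stating that both promises exist only for getlock()'s writeable-spool path would document why they are there. The message names seteuid(2) as the reason for "id" but gives no reason for "flock"; saying which call in the writeable-spool path needs it would make the change easier to check. If getlock() can tell which case it is in before doing the privileged work, pledging without "id" in the non-writeable case would keep the default config as tight as it is in revision 1.21.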