On Mon, May 25, 2020 at 11:07:12PM +0200, Dawid Czeluśniak wrote:
> After changing permissions of /var/mail directory to 755:
>
> $ chmod 755 /var/mail
>
> everything is fine and seteuid(2) is not called:
> 92121 lockspool NAMI "/var/mail/root.lock"
> 92121 lockspool RET unlink 0
> 92121 lockspool CALL kbind(0x7f7ffffc7f58,24,0xefbb72852ff02523)
> 92121 lockspool RET kbind 0
> 92121 lockspool CALL exit(0)
>
> Killing lockspool(1) by pledge(2) happens when permissions of /var/mail
> are greater than 755. Maybe it would be useful to give user an indication
> that it is the permission issue instead of killing the process by pledge?
>
> What do you think?

You obviously have a non-default config for this, nevertheless, this is
supposedly a supported config according to getlock() which is actually
living in mail.local's sources.

getlock()'s behaviour changes in the case of a writeable mail spool. If we
want to keep supporting this, we can modify the pledge as follows:

ok?

Index: lockspool.c
===================================================================
RCS file: /cvs/src/libexec/lockspool/lockspool.c,v
retrieving revision 1.21
diff -u -p -u -p -r1.21 lockspool.c
--- lockspool.c 9 Feb 2020 14:59:20 -0000 1.21
+++ lockspool.c 25 May 2020 22:01:13 -0000
@@ -55,7 +55,7 @@ main(int argc, char *argv[])
if (unveil(_PATH_MAILDIR, "rwc") == -1)
err(1, "unveil");
- if (pledge("stdio rpath wpath getpw cpath fattr", NULL) == -1)
+ if (pledge("id flock stdio rpath wpath getpw cpath fattr", NULL) == -1)
err(1, "pledge");
openlog(__progname, LOG_PERROR, LOG_MAIL);
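
Review bot: the widened pledge() string grants "id" and "flock" on every run, while the report in this thread shows seteuid(2) is not called once /var/mail is back at 755, so the extra promises serve only the writeable-spool path in getlock(). A short comment above the pledge() call naming that path as the reason for "id" and "flock" would keep a later cleanup from dropping them and reintroducing the kill. The thread only documents the seteuid(2) case, so it would also help to state which call requires "flock".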