Your message dated Fri, 31 Mar 2006 14:49:44 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#355732: postfix: postqueue gives local users too much power
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: postfix
Version: 2.2.8-9
Severity: normal
When run as _any_ user, 'postqueue' allows them to see the contents of the queue
with -p, and also to flush it with -f. The former is what I'd consider a user
privacy violation, the latter seems to be putting administrative functions in
the hands of ordinary users.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11.10rt
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages postfix depends on:
ii adduser 3.80 Add and remove users and groups
ii debconf [debconf-2.0] 1.4.70 Debian configuration management sy
ii dpkg 1.13.16 package maintenance system for Deb
ii libc6 2.3.5-13 GNU C Library: Shared libraries an
ii libdb4.3 4.3.29-4 Berkeley v4.3 Database Libraries [
ii libsasl2 2.1.19-1.9 Authentication abstraction library
ii libssl0.9.8 0.9.8a-7 SSL shared libraries
ii lsb-base 3.0-15 Linux Standard Base 3.0 init scrip
ii netbase 4.24 Basic TCP/IP networking system
Versions of packages postfix recommends:
ii mailx [mail-read 1:8.1.2-0.20050715cvs-1 A simple mail user agent
ii mutt [mail-reade 1.5.11+cvs20060126-1 text-based mailreader supporting M
pn resolvconf <none> (no description available)
-- debconf information excluded
--- End Message ---
--- Begin Message ---
> When run as _any_ user, 'postqueue' allows them to see the contents of the queue
> with -p, and also to flush it with -f. The former is what I'd consider a user
> privacy violation, the latter seems to be putting administrative functions in
> the hands of ordinary users.
Those wishing other than sendmail-compatible behavior can use the
following variables to restrict both features:
Available in Postfix version 2.2 and later:

authorized_flush_users (static:anyone)
       List of users who are authorized to flush the queue.

authorized_mailq_users (static:anyone)
       List of users who are authorized to view the queue.
--- End Message ---
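One way to check a host for the default described in the reply above, as an added example that is not part of the original thread or of Postfix: the script reads a main.cf and reports whether `authorized_mailq_users` and `authorized_flush_users` are still at `static:anyone`. The function names are hypothetical, the main.cf parsing is simplified, and the sample file is constructed.

```shell
#!/bin/sh
# Added example. Simplified main.cf parsing (assumption): "name = value" lines,
# "#" comments, whitespace-led continuation lines, last definition wins.
# On a live system `postconf -h authorized_mailq_users` is authoritative.

# Print the effective value of parameter $2 in file $1, or the documented
# default "static:anyone" when the parameter is not set at all.
effective_value() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        /^[ \t]/ {                                # continuation of previous line
            if (cur == want) { sub(/^[ \t]+/, ""); val = val " " $0 }
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) { cur = ""; next }
            cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
            if (cur == want) { val = substr($0, eq + 1); found = 1 }
        }
        END {
            if (!found) { print "static:anyone"; exit }
            gsub(/^[ \t]+|[ \t]+$/, "", val); print val
        }' "$1"
}

# Return 1 if listing (-p) or flushing (-f) is still open to every local user.
# Only the default is flagged; any other value is printed for manual review.
audit_queue_acl() {
    rc=0
    for p in authorized_mailq_users authorized_flush_users; do
        v=$(effective_value "$1" "$p")
        case "$v" in
            static:anyone) echo "DEFAULT $p = $v (any local user)"; rc=1 ;;
            *)             echo "SET     $p = $v" ;;
        esac
    done
    return $rc
}

# Constructed sample: mailq is overridden later in the file, flush is never set.
sample=$(mktemp)
cat > "$sample" <<'EOF'
authorized_mailq_users = static:anyone
myhostname = mail.example.org
authorized_mailq_users = root,
    postmaster
EOF
audit_queue_acl "$sample" || echo "queue access is still at the default"
```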