Wietse Venema:
> This means that not a lot of people have symlinks in Postfix
> configuration directories. The code responsible for the warning
> is:
>
> find $todo \( -perm -020 -o -perm -002 \) \
> -exec $WARN group or other writable: {} \;
>
> Although it's kind of lame for find(1) to report a symlink as
> writable (it is not writable), perhaps it is better to tell find(1)
> to follow symlinks. For that we need to know what systems would
> break (i.e. systems that don't have "find -L").
Below is a patch that maintains portability, but I am not sure that
it is a good idea.
To prevent privilege escalation exploits, $config_directory and
files under it must be writable only by root, and that is difficult
to enforce when files can be symlinked from elsewhere.
Wietse
--- /var/tmp/postfix-3.2-20160224/conf/postfix-script 2016-01-31
16:05:46.000000000 -0500
+++ conf/postfix-script 2016-03-01 19:23:51.000000000 -0500
@@ -272,10 +277,17 @@
}
todo=`echo "$todo" | tr ' ' '\12' | sort -u`
- find $todo ! -user root \
+ if find -L $config_directory/main.cf >/dev/null 2>&1
+ then
+ FIND="find -L"
+ else
+ FIND=find
+ fi
+
+ $FIND $todo ! -user root \
-exec $WARN not owned by root: {} \;
- find $todo \( -perm -020 -o -perm -002 \) \
+ $FIND $todo \( -perm -020 -o -perm -002 \) \
-exec $WARN group or other writable: {} \;
# Check Postfix mail_owner-owned directory tree owner/permissions.
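Review bot: the capability probe `if find -L $config_directory/main.cf >/dev/null 2>&1` conflates "find does not support -L" with "main.cf is missing or unreadable": in the latter case the script silently falls back to plain `find` and the spurious symlink warnings return, while the real reason is hidden by the `2>&1`. Probing a start point that is known to exist without descending into it, e.g. `find -L $config_directory -prune >/dev/null 2>&1`, keeps the test about `-L` alone. Note also that with `-L` the `! -user root` and `-perm` tests on the two `$FIND $todo` lines are evaluated against the symlink's target, not the link, so a link in $config_directory that points outside it passes as long as the target is root-owned and not writable; that is the case the surrounding reply says is hard to enforce, and it may be worth a comment next to the FIND selection so readers know the check is now on the resolved file.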