Even if procmail closes and reopens the file later as non-root, there are still two problems here. First, procmail has opened (and closed) a file with root permissions. There are 'files' where merely opening (and closing) them has side effects; for example, pointing $HOME/.procmailrc at a rewindable tape device, where an open/close will cause the tape to rewind. I believe that this is a security issue.
Second, manifestly the attempts to work around NFS issues don't work. If you run procmail with it setuid root, your users have home directories on NFS, and your users don't make their homedir and their .procmailrc readable to the world, procmail's attempt to open their .procmailrc as root will fail with EACCES and it will *not* retry as non-root. This is a plain bug; we have seen it here (since 8.04 installs procmail as setuid root).

(I cannot follow the twisting maze of dense procmail code to see why it is going wrong, but it clearly is; we have the mis-delivered mail and the strace/SystemTap traces to show it.)

--
Procmail opens $HOME/.procmailrc before dropping setuid permissions
https://bugs.launchpad.net/bugs/407459