*** This bug is a duplicate of bug 102947 ***
    https://bugs.launchpad.net/bugs/102947

Public bug reported:

Binary package hint: courier-authlib

The /etc/init.d/courier-authdaemon creates $RUNDIR with improper
permissions, namely, 0750, rather than world-readable. The problem is
that if Postfix is configured to execute maildrop from mailbox_command
(as suggested in the Postfix HOWTOs), there is a *silent* *unlogged*
failure of maildrop to connect to the authdaemon.

Since maildrop is designed to run without authdaemon, this causes usual
mail filter rules (for instance, in /etc/maildroprc) to not apply,
bypassing possible restrictions configured there. It is unclear whether
to see this as a security vulnerability.

Please change the init script to mkdir the relevant directory with mode
0755, and make sure that existing directories are checked and the admin
gets warned if it's at 0750.

Arguably this could be seen as a maildrop bug which should exit with
EX_TEMPFAIL if it cannot connect to the authdaemon, but see above for
the note about standalone use.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: courier-authdaemon 0.62.4-1
ProcVersionSignature: Ubuntu 2.6.32-31.61-generic-pae 2.6.32.32+drm33.14
Uname: Linux 2.6.32-31-generic-pae i686
Architecture: i386
Date: Wed May  4 14:08:58 2011
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: courier-authlib

** Affects: courier-authlib (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: apport-bug i386 lucid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/777060

Title:
  /etc/init.d/courier-authdaemon creates $RUNDIR with improper
  permissions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
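
The directory handling the report asks for (create with mode 0755, check an existing directory and warn on 0750), as an added example that is not part of the original report or of the packaged init script. The function names are hypothetical, the directory is passed as an argument because the report names it only as $RUNDIR, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: RUNDIR handling as requested in the report. The path is
# supplied by the caller; nothing here is taken from the packaged script.

# Return 0 if "other" has read and search permission on the directory
# (as with mode 0755), 1 if not (as with mode 0750), 2 if the path is
# missing or not a directory.
rundir_world_accessible() {
    dir=$1
    [ -d "$dir" ] || return 2
    mode=$(stat -c '%a' "$dir") || return 2   # GNU stat, prints e.g. "750"
    # The leading 0 makes the shell parse the value as octal; 5 = r-x.
    [ $(( 0$mode & 5 )) -eq 5 ]
}

# Create the directory with mode 0755 when it is missing. When it already
# exists, leave its mode alone and warn on stderr if it is too restrictive,
# so the admin learns about it instead of clients failing silently.
ensure_rundir() {
    dir=$1
    if [ ! -e "$dir" ]; then
        # chmod after mkdir so the result does not depend on the umask.
        mkdir -p "$dir" && chmod 0755 "$dir"
        return $?
    fi
    if rundir_world_accessible "$dir"; then
        return 0
    fi
    echo "WARNING: $dir is not world-accessible (expected mode 0755);" \
         "maildrop run from mailbox_command may fail to reach authdaemon" >&2
    return 1
}
```
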
