From: "Dmitry V. Levin"
To: devel@altlinux.ru
Subject: Re: [devel] Re: About masqmail
Date: Wed, 10 Oct 2001 13:08:10 +0400
Message-ID: <20011010130810.C29738@ldv.office.alt-linux.org>
In-Reply-To: <20011010115734.B3000@dhcp4.msc.masq>
References: <3BC3EC30.1000300@altlinux.ru> <20011010115734.B3000@dhcp4.msc.masq>
X-fingerprint: 9658 398D 181B 1200 8FC5 26B8 F6F8 846B C1E2 3429
List-Id: ALT Linux Team Developers mailing list

On Wed, Oct 10, 2001 at 11:57:34AM +0400, Sergei Aranovsky wrote:
> > Hello Sergei!
> > As I understand it, you are currently preparing the masqmail package for Sisyphus.
> > This package contains a SUID program.
> > I suggest discussing this (in devel), since (a conclusion after a short
> > conversation with Dima Levin) it is quite feasible to get rid of it.
> >
> > What do you think?
>
> I think it's a good idea. Let's move to devel.
>
> Of course, masqmail could be made non-setuid. But:
>
> 1. What about port 25? Or can the low-port rule be bypassed?

Yes (see attachment).

> 2. Delivery via procmail will be completely broken (see the -d option).

And what to do about that?

Regards,
	Dmitry

+-------------------------------------------------------------------------+
Dmitry V. Levin     mailto://ldv@alt-linux.org
ALT Linux Team      http://www.altlinux.ru/
Fandra Project      http://www.fandra.org/
+-------------------------------------------------------------------------+
UNIX is user friendly. It's just very selective about who its friends are.

Content-Disposition: attachment; filename="drop_root.c"

/*
  drop_root

  Copyright (C) 2000  Dmitry V. Levin

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

/* Compile with libcap-devel installed, link with -lcap */

/* Headers required by the calls below */
#include <sys/types.h>
#include <unistd.h>
#include <grp.h>
#include <syslog.h>
#include <sys/prctl.h>
#include <sys/capability.h>

int
drop_root( uid_t uid, gid_t gid )
{
	cap_t   caps;

	/* Keep capabilities after setuid call */
	if ( prctl( PR_SET_KEEPCAPS, 1 ) < 0 )
	{
		syslog( LOG_ERR, "prctl failed: %m" );
		return 1;
	}

	/* Drop supplementary groups */
	if ( setgroups( 0, NULL ) < 0 )
	{
		syslog( LOG_ERR, "setgroups failed: %m" );
		return 1;
	}

	/* Setgid */
	if ( setgid( gid ) < 0 )
	{
		syslog( LOG_ERR, "setgid to gid=%d failed: %m", gid );
		return 1;
	}

	/* Setuid */
	if ( setuid( uid ) < 0 )
	{
		syslog( LOG_ERR, "setuid to uid=%d failed: %m", uid );
		return 1;
	}

	/* Initialize capability state */
	caps = cap_from_text( "cap_net_bind_service=epi" );
	if ( !caps )
	{
		syslog( LOG_ERR, "cap_from_text failed: %m" );
		return 1;
	}

	/* Set capabilities */
	if ( cap_set_proc( caps ) < 0 )
	{
		syslog( LOG_ERR, "cap_set_proc failed: %m" );
		return 1;
	}

	/* Cleanup */
	if ( cap_free( caps ) < 0 )
	{
		syslog( LOG_ERR, "cap_free failed: %m" );
		return 1;
	}

	syslog( LOG_DEBUG, "running as uid(%d)/gid(%d) euid(%d)/egid(%d)",
		getuid(), getgid(), geteuid(), getegid() );

	return 0;
}
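
A check of the state the attached drop_root() is meant to leave behind, added here as an example and not part of the original message: it parses the Uid, Gid and Cap* lines of /proc/<pid>/status text and confirms that no id is 0 and that CAP_NET_BIND_SERVICE (bit 10) is the only capability left. The names check_dropped, field and SAMPLE_OK, the uid/gid value 500 and the sample text are constructed for illustration, and a non-zero target uid and gid are assumed.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define NET_BIND_BIT 10 /* CAP_NET_BIND_SERVICE in <linux/capability.h> */

/* Constructed sample: status excerpt expected after drop_root(500, 500). */
static const char SAMPLE_OK[] =
    "Uid:\t500\t500\t500\t500\nGid:\t500\t500\t500\t500\n"
    "CapInh:\t0000000000000400\nCapPrm:\t0000000000000400\n"
    "CapEff:\t0000000000000400\n";

/* Return the value after "<key>:" on the line starting with key, or NULL. */
static const char *field(const char *status, const char *key)
{
    size_t klen = strlen(key);
    const char *p;
    for (p = status; p; p = strchr(p, '\n')) {
        if (*p == '\n') p++;              /* step onto the next line */
        if (strncmp(p, key, klen) == 0 && p[klen] == ':')
            return p + klen + 1 + strspn(p + klen + 1, " \t");
    }
    return NULL;
}

/* Check status text for the state drop_root() should leave.
   Returns 0 if OK, -1 on parse error, 1 if any uid or gid is still 0,
   2 if another capability remains, 3 if CapEff lacks CAP_NET_BIND_SERVICE. */
int check_dropped(const char *status)
{
    static const char *ids[] = { "Uid", "Gid" };
    static const char *sets[] = { "CapInh", "CapPrm", "CapEff" };
    const unsigned long long want = 1ULL << NET_BIND_BIT;
    unsigned long long mask = 0;
    unsigned r, e, s, f;
    size_t i;
    for (i = 0; i < 2; i++) { /* real, effective, saved, filesystem ids */
        const char *v = field(status, ids[i]);
        if (!v || sscanf(v, "%u %u %u %u", &r, &e, &s, &f) != 4) return -1;
        if (r == 0 || e == 0 || s == 0 || f == 0) return 1;
    }
    for (i = 0; i < 3; i++) { /* inheritable, permitted, effective masks */
        const char *v = field(status, sets[i]);
        if (!v || !isxdigit((unsigned char)*v)) return -1;
        mask = strtoull(v, NULL, 16);
        if (mask & ~want) return 2;
    }
    return (mask & want) ? 0 : 3; /* mask holds CapEff after the loop */
}
int main(void) { return check_dropped(SAMPLE_OK); }
```

Feed it the contents of /proc/self/status right after drop_root() returns 0; any non-zero result means the process should exit rather than start serving.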