Bugtraq mailing list archives
Re: Postfix design directions
From: peter () ATTIC VUURWERK NL (Peter van Dijk)
Date: Wed, 23 Dec 1998 21:54:39 +0100
On Tue, Dec 22, 1998 at 03:02:30PM -0500, Wietse Venema wrote:
This is an invitation for constructive discussion regarding the merits of world-writable maildrop directories versus set-uid or set-gid posting agents. The Postfix design takes an unusual approach. In the light of experience, I have no difficulty making changes to the design, but I want to make an informed decision.

World-writable maildrop directories
-----------------------------------
[SNIP]
Set-uid/gid posting agents
--------------------------
[SNIP]
Future direction
----------------

I see two directions for Postfix evolution: 1) maintain the present world-writable maildrop and unprivileged posting agent and 2) use a protected directory and a set-gid posting agent (set-uid seems to have no obvious advantage here).

Is it feasible to keep maildrop queue file names secret, and are the other attacks indeed mere annoyances? Is it feasible to write secure set-gid programs that are not only secure today, but that will be secure on tomorrow's UNIX systems as well?

3) Use a UNIX socket, TCP/IP, named pipes, whatever you want, to communicate between user-level, user-owned processes (which might be a nice sendmail-like interface) and a long-running process that writes into the queue. No s[ug]id execution, no world-writeable dirs, just a small performance hit.

Greetz, Peter.
--
'I guess anybody who walks away from a root shell at a nerd party gets what they deserve!' -- BillSF
Peter van Dijk : peter () attic vuurwerk nl
finger hardbeat () mdk ml org for my public PGP-key
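Option 3 above, sketched as an added example (not part of the original post and not Postfix code): an unprivileged client hands a message over a UNIX socket, and the queue-owning process writes it into a directory only it can access. It assumes Linux `SO_PEERCRED`; the function names, the size limit and the `X-Submitter-Uid` line are hypothetical.

```python
import os
import secrets
import socket
import struct
import tempfile

MAX_MESSAGE = 1 << 20  # assumed cap so one sender cannot fill the queue

def peer_uid(conn):
    """Kernel-verified uid of the process at the other end (Linux SO_PEERCRED)."""
    creds = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                            struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", creds)
    return uid

def accept_submission(conn, queue_dir):
    """Daemon side: read one message from a connected socket and queue it."""
    uid = peer_uid(conn)  # identity comes from the kernel, not from the message
    chunks, total = [], 0
    while True:
        data = conn.recv(65536)
        if not data:
            break
        total += len(data)
        if total > MAX_MESSAGE:
            raise ValueError("message too large")
        chunks.append(data)
    # The daemon picks the queue file name; the sender never sees or chooses it.
    path = os.path.join(queue_dir, secrets.token_hex(8))
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(b"X-Submitter-Uid: %d\n" % uid)  # hypothetical audit line
        f.write(b"".join(chunks))
    return path, uid

def demo():
    """Constructed exchange: a socketpair stands in for the listening socket."""
    queue_dir = tempfile.mkdtemp()  # created mode 0700: not world-writable
    client, server = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    client.sendall(b"From: alice\n\nhello\n")  # constructed sample message
    client.shutdown(socket.SHUT_WR)            # end of message
    path, uid = accept_submission(server, queue_dir)
    client.close()
    server.close()
    return queue_dir, path, uid
```
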