[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] Re: qmail-local and group writable .qmail?

To: qmail@xxxxxxxxxxxxx
Subject: [PATCH] Re: qmail-local and group writable .qmail?
From: "Adam D. Morley" <adam@xxxxxxx>
Date: Thu, 03 Nov 2005 10:00:31 -0800
Cc: nelson@xxxxxxxxx
Delivered-to: de5-qmail@sws5.ornl.gov
Delivered-to: mailing list qmail@list.cr.yp.to
In-reply-to: <20051103.103828.71130122.hanche@math.ntnu.no>
Mail-followup-to: "Adam D. Morley" <adam@gmi.com>, qmail@list.cr.yp.to, nelson@qmail.org
Mailing-list: contact qmail-help@list.cr.yp.to; run by ezmlm
References: <20051103083317.GA20663@pri.dmz.gmi.com> <20051103.103828.71130122.hanche@math.ntnu.no>
User-agent: Mutt/1.5.9i

On Thu, Nov 03, 2005 at 10:38:28AM +0100, Harald Hanche-Olsen wrote:
> + "Adam D. Morley" <adam@xxxxxxx>:
> 
> | So I'm guessing conf-patrn got modified at some point in time, but
> | the docs were not updated?
> 
> That's what it looks like, yes.
> 
> | Does anyone know when conf-patrn got changed,
> 
> grep conf-patrn CHANGES  answers that question.

Wow.  Sorry I totally missed that.

> 
> | and how we get the docs updated?
> 
> Given that qmail 1.03 is very much frozen, and unlikely ever to be
> thawed, not much chance.  (There may be a qmail 2 someday, but that's
> a different issue.)
> 
> But since this just possibly could become a security critical issue,
> maybe a patch to dot-qmail.9 ought to make it into the next netqmail?
> (You should run netqmail 1.05 anyway, rather than the old qmail 1.03.)

I didn't even know netqmail existed.  I did, however, find out that I
run all the patches from netqmail that I care about, so I guess that's
fine.  I've attached a patch against netqmail-1.05 for the doc fixes,
but not against the netqmail-1.05.patch file since I wasn't sure that
would be "right."  Either way, it's a tiny change.

Thanks!

-- 
adam

[adam@sr1 tmp]$ diff -ur netqmail-1.05.orig/ netqmail-1.05.patched/
diff -ur netqmail-1.05.orig/netqmail-1.05/CHANGES netqmail-1.05.patched/netqmail-1.05/CHANGES
--- netqmail-1.05.orig/netqmail-1.05/CHANGES    2005-11-03 09:44:36.000000000 -0800
+++ netqmail-1.05.patched/netqmail-1.05/CHANGES 2005-11-03 09:51:46.000000000 -0800
@@ -1,3 +1,4 @@
+20051103 doc: dot-qmail.9 updated for changed (19980613) conf-patrn default
 20040121 version: netqmail 1.05
 20040121 code: qmail-smtpd is protected from exceedingly long (eg 2GB)
          header lines
diff -ur netqmail-1.05.orig/netqmail-1.05/dot-qmail.9 netqmail-1.05.patched/netqmail-1.05/dot-qmail.9
--- netqmail-1.05.orig/netqmail-1.05/dot-qmail.9        1998-06-15 03:53:16.000000000 -0700
+++ netqmail-1.05.patched/netqmail-1.05/dot-qmail.9     2005-11-03 09:47:44.000000000 -0800
@@ -194,7 +194,7 @@
  
 If
 .B .qmail
-is world-writable or group-writable,
+is world-writable,
 .B qmail-local
 stops and indicates a temporary failure.
 .SH "SAFE QMAIL EDITING"

References:
- qmail-local and group writable .qmail?
  - From: Adam D. Morley
- Re: qmail-local and group writable .qmail?
  - From: Harald Hanche-Olsen

Prev by Date: Re: Routing by sender
Next by Date: Re: tcpserver pop3 problem
Previous by thread: Re: qmail-local and group writable .qmail?
Next by thread: Qmail Logging
Index(es):
- Date
- Thread