Bug 4437

Summary: Patch to allow a combined setuid and virtual-config-dir
Product: Spamassassin
Reporter: Jason Rhinelander <jagerman>
Component: spamc/spamd
Assignee: SpamAssassin Developer Mailing List <dev>
Status: NEW ---    
Severity: enhancement    
Priority: P3    
Version: SVN Trunk (Latest Devel Version)   
Target Milestone: Undefined   
Hardware: Other   
OS: other   
Whiteboard:
Attachments: spamd patch to add setuid capabilities to virtual-config-dir setups
spamd patch to add setuid capabilities to virtual-config-dir setups

Description Jason Rhinelander 2005-06-27 20:32:51 UTC
I recently came across a situation where I wanted to combine the
virtual-config-dir with spamd's setuid abilities.  Basically, this server
handles mail for multiple domains, and that mail is stored and processed under
different user accounts.

Specifically, mail is stored as /home/<username>/<domain>/mail/<mail-user> - for
example, jagerman@jagerman.com mail is located at
/home/jagerman/jagerman.com/mail/jagerman, and is owned by the <jagerman> user.

To get this working with spamd, I used the
--virtual-config-dir=/var/mail/%d/mail/%l/.spamassassin spamd option, then
called spamc with -u user@domain.com - and to make this work, I created a
/var/mail/domain symlink to the appropriate /home/username/domain directory.

The problem, however, is that spamd doesn't handle any setuid handling with this
configuration, which means any .spamassassin/ files it creates (including the
directory itself, if it doesn't exist) will be owned by whatever user spamd is
running as (it was root, in my case while testing).

The following patch addresses that problem by adding a new option
(--virtual-setuid-separator) to spamd that allows spamc to prefix the virtual
username with a system username and fixed string separator.  Additionally, the
patch adds a '%h' escape to the --virtual-config-dir pattern so that the
symlink directory I described above (/var/mail) is not needed.

In my case, with this patch applied, I start spamd with:

-x --virtual-config-dir=%h/%d/mail/%l/.spamassassin --virtual-setuid-separator=::

I then run spamc with: -u jagerman::test@jagerman.com and spamd setuid()'s to
the 'jagerman' user and uses /home/jagerman/jagerman.com/mail/test/.spamassassin
for its files.

Comment 1 Jason Rhinelander 2005-06-27 20:35:40 UTC
Created attachment 2963
spamd patch to add setuid capabilities to virtual-config-dir setups

Patch applied against spamd.raw from 20050627163958 trunk downloaded from
http://cvs.apache.org/snapshots/spamassassin/.

Should also apply (with some line offsets) against spamd from 3.0.4, and
possibly earlier releases.

Comment 2 Jason Rhinelander 2005-07-07 18:48:15 UTC
Created attachment 3010
spamd patch to add setuid capabilities to virtual-config-dir setups

I've made a one-line change to the patch to allow a numeric user_id to be
treated as a uid instead of username.
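
The username handling described in this report, sketched as an added Perl example; it is not the attached patch or spamd's own code. The helper name `resolve_virtual_user`, the injectable lookup, the allow-list patterns, the uid 0 refusal and the sample account table are assumptions made for illustration.

```perl
use strict;
use warnings;

# Hypothetical helper (not from the patch): split "sysuser<sep>local@domain",
# resolve the system account, and expand %h/%d/%l (the escapes this page names).
# $lookup is injectable so the constructed sample runs without real accounts.
sub resolve_virtual_user {
    my ($arg, $sep, $template, $lookup) = @_;
    $lookup ||= sub {
        my ($u) = @_;    # all digits: treat as uid, otherwise as username
        my @pw = $u =~ /\A\d+\z/ ? getpwuid($u) : getpwnam($u);
        return @pw ? ($pw[2], $pw[7]) : ();    # (uid, home directory)
    };

    my $i = index($arg, $sep);
    die "missing system-user prefix\n" if $i < 1;
    my $sysuser = substr($arg, 0, $i);
    my $virtual = substr($arg, $i + length $sep);

    # Every component is client-supplied (spamc -u), so allow-list each one
    # before it reaches a passwd lookup or a filesystem path: no "/", and no
    # leading "." that could name "." or "..".
    $sysuser =~ /\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/ or die "bad system user\n";
    my ($local, $domain) = $virtual =~
        /\A([A-Za-z0-9_][A-Za-z0-9_.+=-]*)\@([A-Za-z0-9][A-Za-z0-9.-]*)\z/
        or die "bad virtual user\n";

    my ($uid, $home) = $lookup->($sysuser) or die "unknown system user\n";
    die "refusing to run as uid 0\n" if $uid == 0;    # assumption of this example

    my %sub = (h => $home, d => $domain, l => $local);
    (my $dir = $template) =~ s/%([hdl])/$sub{$1}/g;
    return { uid => $uid, dir => $dir };
}

# Constructed sample account table (not real accounts).
my %passwd = (jagerman => [1001, '/home/jagerman'], root => [0, '/root']);
my $fake = sub { my $e = $passwd{$_[0]}; return $e ? @$e : () };
my $tmpl = '%h/%d/mail/%l/.spamassassin';

for my $arg ('jagerman::test@jagerman.com', 'root::test@jagerman.com',
             'jagerman::../../etc@jagerman.com', 'test@jagerman.com') {
    my $r = eval { resolve_virtual_user($arg, '::', $tmpl, $fake) };
    print "$arg -> ", ($r ? "uid $r->{uid}, $r->{dir}\n" : "rejected: $@");
}
```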