Bug 4437 - Patch to allow a combined setuid and virtual-config-dir
Status: NEW
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: spamc/spamd
Version: SVN Trunk (Latest Devel Version)
Hardware: Other other
Importance: P3 enhancement
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
Reported: 2005-06-27 20:32 UTC by Jason Rhinelander
Modified: 2005-07-07 10:48 UTC



Attachment Type Modified Status Actions Submitter/CLA Status
spamd patch to add setuid capabilities to virtual-config-dir setups patch None Jason Rhinelander [NoCLA]
spamd patch to add setuid capabilities to virtual-config-dir setups patch None Jason Rhinelander [NoCLA]

Description Jason Rhinelander 2005-06-27 20:32:51 UTC
I recently came across a situation where I wanted to combine the
virtual-config-dir with spamd's setuid abilities.  Basically, this server
handles mail for multiple domains, and that mail is stored and processed under
different user accounts.

Specifically, mail is stored as /home/<username>/<domain>/mail/<mail-user> - for
example, jagerman@jagerman.com mail is located at
/home/jagerman/jagerman.com/mail/jagerman, and is owned by the <jagerman> user.

To get this working with spamd, I used the
--virtual-config-dir=/var/mail/%d/mail/%l/.spamassassin spamd option, then
called spamc with -u user@domain.com - and to make this work, I created a
/var/mail/domain symlink to the appropriate /home/username/domain directory.

The problem, however, is that spamd doesn't handle any setuid handling with this
configuration, which means any .spamassassin/ files it creates (including the
directory itself, if it doesn't exist) will be owned by whatever user spamd is
running as (it was root, in my case while testing).

The following patch addresses that problem by adding a new option
(--virtual-setuid-separator) to spamd that allows spamc to prefix the virtual
username with a system username and fixed string separator.  Additionally, the
patch adds a '%h' escape to the --virtual-config-dir pattern so that the
symlink directory I described above (/var/mail) is not needed.

In my case, with this patch applied, I start spamd with:

-x --virtual-config-dir=%h/%d/mail/%l/.spamassassin --virtual-setuid-separator=::

I then run spamc with: -u jagerman::test@jagerman.com and spamd setuid()'s to
the 'jagerman' user and uses /home/jagerman/jagerman.com/mail/test/.spamassassin
for its files.
Comment 1 Jason Rhinelander 2005-06-27 20:35:40 UTC
Created attachment 2963
spamd patch to add setuid capabilities to virtual-config-dir setups

Patch applied against spamd.raw from 20050627163958 trunk downloaded from
http://cvs.apache.org/snapshots/spamassassin/.

Should also apply (with some line offsets) against spamd from 3.0.4, and
possibly earlier releases.
Comment 2 Jason Rhinelander 2005-07-07 18:48:15 UTC
Created attachment 3010
spamd patch to add setuid capabilities to virtual-config-dir setups

I've made a one-line change to the patch to allow a numeric user_id to be
treated as a uid instead of username.
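
An added sketch (Python, not the attached Perl patch and not spamd code) of the `-u <sysuser>::<local>@<domain>` handling from the description and the numeric-uid case from Comment 2, with the input checks a daemon should apply because the value arrives from the spamc client. The passwd table, the uid 1001, the function names and the validation rules are assumptions made for this example.

```python
import re

# Constructed passwd table standing in for getpwnam()/getpwuid(); the uid is
# a made-up value, the home directory is the one used in the report.
PASSWD = {
    "jagerman": (1001, "/home/jagerman"),
    "root": (0, "/root"),
}

# Assumed allow-lists: no '/', no leading '.', no empty domain labels, so
# neither %l nor %d can introduce a '..' component or an extra path level.
SAFE_LOCAL = re.compile(r"^[A-Za-z0-9_+=-][A-Za-z0-9._+=-]*$")
SAFE_DOMAIN = re.compile(r"^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$")


def lookup_account(name_or_uid, passwd=PASSWD):
    """Return (uid, home) for a username or a numeric uid, else None."""
    if name_or_uid.isascii() and name_or_uid.isdigit():
        for uid, home in passwd.values():
            if uid == int(name_or_uid):
                return uid, home
        return None
    return passwd.get(name_or_uid)


def resolve(user_arg, pattern, separator):
    """Split '<sysuser><sep><local>@<domain>' and expand %h, %d and %l.

    Returns (uid, config_dir). Raises ValueError instead of guessing,
    since user_arg is supplied by the client side of the connection.
    """
    sysuser, sep, virtual = user_arg.partition(separator)
    if not sep or not sysuser:
        raise ValueError("missing system-user prefix")
    local, at, domain = virtual.rpartition("@")
    if not at or not SAFE_LOCAL.match(local) or not SAFE_DOMAIN.match(domain):
        raise ValueError("unsafe virtual user")
    account = lookup_account(sysuser)
    if account is None:
        raise ValueError("unknown system user")
    uid, home = account
    if uid == 0:
        raise ValueError("refusing to run as root")
    # Single pass, so text substituted for one escape is never re-expanded.
    subst = {"%h": home, "%d": domain, "%l": local}
    return uid, re.sub(r"%[hdl]", lambda m: subst[m.group(0)], pattern)
```

The returned uid is what the daemon would switch to before creating anything under the returned directory, so files end up owned by the mailbox owner rather than by the account spamd started as.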