Milter-greylist

Hi,

I attach a patch that fixes a crash.

The crash can reproduce with the following greylist.conf:

  ...
  socket "inet:30025"
  user "nobody"
  ...

Run milter-greylist as root user:

  % sudo milter-greylist

milter-greylist will be crashed.

Points:

  * "socket" is not file path. (e.g. inet:XXX, unix:XXX and so on)
  * "user" has only user. Group should not be included like
  * Run milter-greylist as root user.

Cause:

If we run milter-greylist as root user and "user"
parameter value is specified, "socket" parameter value
is chown-ed to "user" parameter value. If "socket"
parameter value is not path like "inet:30025", chown()
is always failed. And error message is logged by the
following code:

  mg_log(LOG_WARNING, "%s: cannot change \"%s\""
      " ownership to %s/%s: %s", argv[0], 
      conf.c_socket, pw->pw_name, gr->gr_name,
      strerror(errno));

"gr->gr_name" is a problem. "gr" is NULL when "user"
parameter value doesn't have group such as "nobody".

Solutions:

  (a) Don't chown() when "socket" parameter value has scheme
      such as "inet", "inet6", "unix" and "local".
  (b) Set "gr" even if "user" parameter value doesn't have
      group. (The attached patch uses this solution.)

I think that we should apply both solutions but I attach
only (b) solution. Because (b) solves more effected
problem. "gr" is used other location too. (See
code around chown(conf.c_pidfile, ...).) (a) doesn't solve
the problem.

So I think that (b) should be fixed at first. I will send a
patch for (a) after this patch is applied.


Thanks,
--
kou

Kouhei Sutou <kou@...> wrote:

> Solutions:
> 
>   (a) Don't chown() when "socket" parameter value has scheme
>       such as "inet", "inet6", "unix" and "local".
>   (b) Set "gr" even if "user" parameter value doesn't have
>       group. (The attached patch uses this solution.)
> 
> I think that we should apply both solutions but I attach
> only (b) solution. Because (b) solves more effected
> problem. "gr" is used other location too. (See
> code around chown(conf.c_pidfile, ...).) (a) doesn't solve
> the problem.

Right, but you implemented (c), which also has some merit, didn't you?
Or did I miss something?
    (c) fail with error message if group cannot be found

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Hi,

In <1l0608p.1asgwu41srqp32M%manu@...>
  "Re: [milter-greylist] [PATCH] fix a crash bug by chown socket without group" on Sat, 23 Mar 2013 03:01:05 +0100,
  manu@... wrote:

> 
> Kouhei Sutou <kou@...> wrote:
> 
>> Solutions:
>>
>> (a) Don't chown() when "socket" parameter value has scheme
>> such as "inet", "inet6", "unix" and "local".
>> (b) Set "gr" even if "user" parameter value doesn't have
>> group. (The attached patch uses this solution.)
>>
>> I think that we should apply both solutions but I attach
>> only (b) solution. Because (b) solves more effected
>> problem. "gr" is used other location too. (See
>> code around chown(conf.c_pidfile, ...).) (a) doesn't solve
>> the problem.
> 
> Right, but you implemented (c), which also has some merit, didn't you?
> Or did I miss something?
> (c) fail with error message if group cannot be found

Ah, yes. You're right.
The patch also includes (c). So the patch includes both (b)
and (c). Sorry for my wrong description.

Thanks,
--
kou

On 2013-03-23 06:39, Kouhei Sutou wrote:
> Hi,
>  > Kouhei Sutou <kou@... <mailto:kou%40clear-code.com>> wrote:
>  >
>  >> Solutions:
>  >>
>  >> (a) Don't chown() when "socket" parameter value has scheme
>  >> such as "inet", "inet6", "unix" and "local".
>  >> (b) Set "gr" even if "user" parameter value doesn't have
>  >> group. (The attached patch uses this solution.)
>  >>
>  >> I think that we should apply both solutions but I attach
>  >> only (b) solution. Because (b) solves more effected
>  >> problem. "gr" is used other location too. (See
>  >> code around chown(conf.c_pidfile, ...).) (a) doesn't solve
>  >> the problem.
>  >
>  > Right, but you implemented (c), which also has some merit, didn't you?
>  > Or did I miss something?
>  > (c) fail with error message if group cannot be found
>
> Ah, yes. You're right.
> The patch also includes (c). So the patch includes both (b)
> and (c). Sorry for my wrong description.


Hello,

Did you get around to option (a) also? I can confirm that your
patch did solve the crash, even if I don't use "su" to start up
the milter process as unprivileged user now, but the logs still
complain about chowning the socket which is not a filename; this
is a bit "unclean" :)

[ID 945945 mail.warning] /opt/COSmail/bin/milter-greylist:
cannot change "inet:3311@localhost" ownership to mailgrey/mailgrey:
No such file or directory

Thanks,
//Jim

Jim Klimov <jimklimov@...> wrote:

> Did you get around to option (a) also? I can confirm that your
> patch did solve the crash, even if I don't use "su" to start up
> the milter process as unprivileged user now, but the logs still
> complain about chowning the socket which is not a filename; this
> is a bit "unclean" :)

Not sure if I checked that one in. Could you send it back?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

On 2013-07-21 05:00, manu@... wrote:
> Jim Klimov <jimklimov@... <mailto:jimklimov%40cos.ru>> wrote:
>
>  > Did you get around to option (a) also? I can confirm that your
>  > patch did solve the crash, even if I don't use "su" to start up
>  > the milter process as unprivileged user now, but the logs still
>  > complain about chowning the socket which is not a filename; this
>  > is a bit "unclean" :)
>
> Not sure if I checked that one in. Could you send it back?

The original (one I tried):

http://xa.yimg.com/kq/groups/12763546/536577721/name/milter-greylist-4.4.3-fix-crash-by-chown-without-group.diff

Attached to the discussion
http://tech.groups.yahoo.com/group/milter-greylist/message/6093

HTH,
//Jim

Jim Klimov <jimklimov@...> wrote:

> The original (one I tried):

I checked it in.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...