Bug#293207: bogofilter: Any fix found?

Matthias Andree matthias.andree at gmx.de
Tue Mar 8 00:36:17 CET 2005


"Dann Daggett" <dann at exposim.com> writes:

>>Matthias Andree wrote
>>> Since I have different wordlists for each user, the process runs as 
>>> each user, and therefore it doesn't have permission to access the 
>>> files. So I think I need a way to tell whatever process is creating 
>>> the log files (be it bogofilter, DB, or logrotate)
>
>>The process is bogofilter or bogoutil. Check who calls your processes.
>
> Thank you Matthias.
>
> I assume that it is Sendmail that calls my .procmailrc file in /home/dann.
> -rw-------    1 dann     root          400 Mar  4 18:14 .procmailrc

Well, unless you have some .forward file, that is likely.

Sendmail is often shipped with the local_procmail "feature" enabled.

Please check or show me the following:

0. if you have all security, critical and recommended patches installed
   on your OS

1. if your sendmail configuration and executable are version-matched. If
   your sendmail executable is 8.13, then your configuration must have
   been generated with the 8.13 m4 macro set as well. Mismatched
   sendmail executable and configuration are not covered by any
   warranties except that you'll see trouble.

2. permissions on the programs: 
   a. ls -l `which procmail`
   b. ls -l `which bogofilter`

3. if there is a file /etc/procmailrc, and if there is, if it can call
   bogofilter or be tricked into doing so.

4. save to /var/tmp, (a) compile and (b) install the attached program
   (Linux-specific) and (c) insert it before the bogofilter call into
   your .dmdbogo_procmailrc, possibly redirecting its output:

   a. gcc -O -o printugid printugid.c
   b. install -s -m0755 printugid /usr/local/bin/
   c. edit ~/.dmdbogo_procmailrc with your favorite editor to run
      printugid and save its output before bogofilter is run.
 
5. procmail version (procmail -v) 

6. sendmail version (I don't know the command off-hand, no sendmail on
   *any* of the machines I have shell access to, perhaps
   echo QUIT | /usr/sbin/sendmail -bs        does the job)

*** IF SOMEONE CAN HELP WITH FINDING OUT SENDMAIL PROGRAM AND    ***
*** CONFIGURATION VERSIONS FROM THE COMMAND LINE, PLEASE JUMP IN ***

Then send yourself a mail that goes through bogofilter (you may need to
skip the whitelist) and watch the output of printugid. The figures of
all *uid should match each other, and the figures of all *gid should
match each other, example:

ruid=500 euid=500 suid=500
rgid=100 egid=100 sgid=100

whereas for setuid or setgid executables, there will be mismatches
within either line (or both).

You can then remove /usr/local/bin/printugid again.

> [...]
> So everything works fine, until the current log.000000000 file reaches 1MB,
> and a new one gets created. But because this new log file gets created as
> owned by root, and not dann, the next email that comes in fails to properly
> execute bogofilter. That continuously errors until I manually chown
> log.00000000 to dann, and then it works ok until the next successive log
> file gets created.

I suspect that something messes up permissions, and it's probably
something that either does not drop privileges properly (sendmail is
notorious for that) or regains them (set-uid executables do that).

> I assume the programmers of bogofilter would know this actually works?

I for one don't know procmail too well, and I discourage using it.

> Finally, recent activity of this list that's been discussing the database
> transactions vs. non-transactions have led me to question if these log files
> are part of that transaction system, and if I disable transactions would
> these log files no longer get created, thereby working around my problem
> until a better solution is found?

The better solution is identifying and removing the culprit from your
system; the current behavior looks like a security hole, and your
switching bogofilter versions will not plug this potential
vulnerability.

-- 
Matthias Andree
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: printugid.c
URL: <http://www.bogofilter.org/pipermail/bogofilter/attachments/20050308/d23e236c/attachment.c>
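
The archive scrubbed the attachment, so the following is an added example and not the original printugid.c: a Linux-specific program that reads the real, effective and saved IDs with getresuid()/getresgid(), prints them in the layout shown in the message, and flags a mismatch within either line. The struct and function names are assumptions made for this example.

```c
/* Added example: stand-in for the scrubbed printugid.c, NOT the original attachment. */
#define _GNU_SOURCE          /* getresuid()/getresgid() are Linux/glibc extensions */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical container for the six IDs of one process. */
struct ids { uid_t ruid, euid, suid; gid_t rgid, egid, sgid; };

/* Read real, effective and saved IDs of the calling process; 0 on success. */
int read_ids(struct ids *p)
{
    if (getresuid(&p->ruid, &p->euid, &p->suid) != 0) return -1;
    if (getresgid(&p->rgid, &p->egid, &p->sgid) != 0) return -1;
    return 0;
}

/* Bit 0 set: the uid line is mismatched (set-uid, or privileges not fully dropped).
 * Bit 1 set: the gid line is mismatched (set-gid, or privileges not fully dropped). */
int id_mismatch(const struct ids *p)
{
    int m = 0;
    if (p->ruid != p->euid || p->euid != p->suid) m |= 1;
    if (p->rgid != p->egid || p->egid != p->sgid) m |= 2;
    return m;
}

/* Format both lines as in the message; returns the character count from snprintf. */
int format_ids(const struct ids *p, char *buf, size_t len)
{
    return snprintf(buf, len,
        "ruid=%lu euid=%lu suid=%lu\nrgid=%lu egid=%lu sgid=%lu\n",
        (unsigned long)p->ruid, (unsigned long)p->euid, (unsigned long)p->suid,
        (unsigned long)p->rgid, (unsigned long)p->egid, (unsigned long)p->sgid);
}

int main(void)
{
    struct ids cur;
    char buf[160];
    if (read_ids(&cur) != 0) { perror("getresuid/getresgid"); return 0; }
    format_ids(&cur, buf, sizeof buf);
    fputs(buf, stdout);
    if (id_mismatch(&cur) & 1) puts("uid mismatch: set-uid or undropped privileges");
    if (id_mismatch(&cur) & 2) puts("gid mismatch: set-gid or undropped privileges");
    return 0;                /* always 0 so the calling mail recipe is not disturbed */
}
```
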