sendmail dropping outgoing email on the floor

Carlos Puchol cpg at users.sourceforge.net
Mon Nov 1 23:09:45 UTC 2004


self follow up ...

carlos puchol <cpg at users.sourceforge.net> wrote:
> [22:27:55](3)rome:cpg# ll -L /usr/sbin/sendmail*
> -rwxr-sr-x  1 root smmsp  748296 Sep  1 03:20 /usr/sbin/sendmail
> -rwsr-xr-x  1 root root  2089729 Sep 13 09:20 /usr/sbin/sendmail.exim
> -rwxr-xr-x  1 root root   141344 Aug  5 08:03 /usr/sbin/sendmail.postfix
> -rwxr-sr-x  1 root smmsp  748296 Sep  1 03:20 /usr/sbin/sendmail.sendmail
> [22:28:01](3)rome:cpg#
> 
> i can't. so -- i am baffled as to how the user/group and
> the setuid was changed. i am 100% certain i did not change the
> permissions or user/group by hand.

after rebooting a couple of times
i got the clientmqueue error again today and mail got dropped!
admittedly i didn't notice before because i did not try
sending email from the machine subject to this bug.

the permissions to /usr/sbin/sendmail.sendmail have
gone _again_ to a user (my user - cpg)!!!

[15:02:38](1)rome:cpg# ll -L /usr/sbin/sendmail*
-rwxr-xr-x  1 root root   141344 Aug  5 08:03 /usr/sbin/sendmail
-rwsr-xr-x  1 root root  2089729 Sep 13 09:20 /usr/sbin/sendmail.exim
-rwxr-xr-x  1 root root   141344 Aug  5 08:03 /usr/sbin/sendmail.postfix
-rwxr-xr-x  1 cpg  users  748296 Sep  1 03:20 /usr/sbin/sendmail.sendmail
[15:02:40](1)rome:cpg#

i don't know how this can happen. this seems quite dangerous!
thankfully the setuid is no longer there, but this seems awfully
"close" to a security issue - some process is (incorrectly) changing
permissions of sensitive system files.

more later when i have a chance to debug this ...

-c




More information about the fedora-test-list mailing list