Re: security(8) check maildir as well as mailbox permissions

2013-12-21 Thread Theo de Raadt
 People are placing maildirs in /var/maildir, /var/vmail, /mail,
 /var/spool/mail, and who knows what other embarrassingly heinous
 hierarchical heresies are being committed.

Index: hier.7
===
RCS file: /cvs/src/share/man/man7/hier.7,v
retrieving revision 1.109
diff -u -u -p -r1.109 hier.7
--- hier.7  14 Aug 2013 08:39:29 -  1.109
+++ hier.7  21 Dec 2013 15:21:55 -
@@ -617,7 +617,7 @@ Log files for
 .El
 .Pp
 .It mail/
-User mailbox files.
+User mailbox files and/or maildirs.
 .It named/
 Chroot directory for
 .Xr named 8 .
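
Review bot: On the `+User mailbox files and/or maildirs.` line, "and/or" leaves it unclear whether mail/ is meant to hold one format or a mix of both, while the neighbouring entries state plainly what each directory contains. If the intent is to document maildirs as an accepted layout under mail/, say so directly, for example "User mailbox files and maildirs."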

You seem to be coming from the perspective that people do stupid
things, and our base system should handle those stupid things.

I don't buy it.  If it's stupid, why not just leave the script alone.



Re: security(8) check maildir as well as mailbox permissions

2013-12-21 Thread Craig R. Skinner
On 2013-12-21 Sat 08:55 AM |, Theo de Raadt wrote:
 
 You seem to be coming from the perspective that people do stupid
 things, and our base system should handle those stupid things.
 

My perspective is maildir (backed IMAP) is commonly deployed,
and such are as well being security checked.



Re: security(8) check maildir as well as mailbox permissions

2013-12-21 Thread Theo de Raadt
  You seem to be coming from the perspective that people do stupid
  things, and our base system should handle those stupid things.
  
 
 My perspective is maildir (backed IMAP) is commonly deployed,
 and such are as well being security checked.

Yes, and perhaps that means they should use a different directory!



Re: security(8) check maildir as well as mailbox permissions

2013-12-21 Thread Craig R. Skinner
On 2013-12-21 Sat 09:16 AM |, Theo de Raadt wrote:
   You seem to be coming from the perspective that people do stupid
   things, and our base system should handle those stupid things.
   
  
  My perspective is maildir (backed IMAP) is commonly deployed,
  and such are as well being security checked.
 
 Yes, and perhaps that means they should use a different directory!

No thanks.

I say /var/mail is the right place for maildirs.

The mailbox format is too limiting these days, with all of its file
locking problems.

A cluster of SMTP servers can concurrently write to a set of NFS mounted
/var/mail directories, while simultaneously, a cluster of IMAP servers
can concurrently both read and write to the same NFS mounted /var/mail
directories.

I'll continue to locally patch security, as I'm not a fool who makes an
idol out of archaic UNIX traditions.

Cheers,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7



Re: security(8) check maildir as well as mailbox permissions

2013-12-21 Thread Jérémie Courrèges-Anglas
skin...@britvault.co.uk (Craig R. Skinner) writes:

 On 2013-12-21 Sat 09:16 AM |, Theo de Raadt wrote:
   You seem to be coming from the perspective that people do stupid
   things, and our base system should handle those stupid things.
   
  
  My perspective is maildir (backed IMAP) is commonly deployed,
  and such are as well being security checked.
 
 Yes, and perhaps that means they should use a different directory!

 No thanks.

 I say /var/mail is the right place for maildirs.

It's not.  Do what you want on your systems.

 The mailbox format is too limiting these days, with all of its file
 locking problems.

 A cluster of SMTP servers can concurrently write to a set of NFS mounted
 /var/mail directories, while simultaneously, a cluster of IMAP servers
 can concurrently both read and write to the same NFS mounted /var/mail
 directories.

 I'll continue to locally patch security, as I'm not a fool who makes an
 idol out of archaic UNIX traditions.

Fine!

 Cheers,

-- 
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90  8961 6191 8FBF 06A1 1494



Re: security(8) check maildir as well as mailbox permissions

2013-12-21 Thread Dmitrij D. Czarkoff
skin...@britvault.co.uk wrote:
 I'll continue to locally patch security

While we are at it, do you understand that you can populate root's crontab with
whatever scripts you want, so that you don't need to patch security in order to
get the job done for you?

-- 
Dmitrij D. Czarkoff
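
The approach suggested in the message above, as an added example (not code from this thread or from OpenBSD's security(8)): a stand-alone Perl script for root's crontab that applies the same owner and mode rules as the proposed patch to each entry of a spool directory, and goes one step further by checking a maildir's cur, new and tmp subdirectories. The script layout, the overridable default path and the skipping of dotfiles and *.lock entries are assumptions of this example.

```perl
#!/usr/bin/perl
# Added example, not part of security(8): audit a mail spool that holds
# mbox files and/or maildirs. Meant to be run from root's crontab.
use strict;
use warnings;
use Fcntl qw(:mode);

my $spool = shift // '/var/mail';    # assumption: spool path, overridable
my @report;

# Check one path for expected type ('file' or 'dir'), owner uid and exact
# mode. Returns true when it passed, so the caller knows it may descend.
sub check {
    my ($path, $type, $uid, $want) = @_;
    my @st = lstat $path;            # lstat: a symlink is never followed
    if (!@st) {
        push @report, "$path: $!";
        return 0;
    }
    my ($mode, $owner) = @st[2, 4];
    my $is = S_ISDIR($mode) ? 'dir' : S_ISREG($mode) ? 'file' : 'other';
    if ($is ne $type) {
        push @report, "$path: expected $type, found $is";
        return 0;
    }
    my $ok = 1;
    if ($owner != $uid) {
        push @report, "$path: owned by uid $owner, expected $uid";
        $ok = 0;
    }
    if (S_IMODE($mode) != $want) {
        push @report, sprintf '%s: mode %04o, expected %04o',
            $path, S_IMODE($mode), $want;
        $ok = 0;
    }
    return $ok;
}

opendir my $dh, $spool or die "$spool: $!\n";
for my $name (sort grep { !/^\./ && !/\.lock$/ } readdir $dh) {
    my $path = "$spool/$name";
    my $uid  = getpwnam $name;       # entry name must be a login name
    if (!defined $uid) {
        push @report, "$path: no user named $name";
        next;
    }
    if (-d $path && !-l $path) {
        # Maildir: private top level, then the three standard subdirs.
        next unless check($path, 'dir', $uid, S_IRWXU);
        check("$path/$_", 'dir', $uid, S_IRWXU) for qw(cur new tmp);
    } else {
        # Anything else must be a plain mbox file, mode 0600.
        check($path, 'file', $uid, S_IRUSR | S_IWUSR);
    }
}
closedir $dh;

print "$_\n" for @report;
exit(@report ? 1 : 0);
```

The script prints one line per finding and exits non-zero when there is at least one, so cron mails the output only when something needs attention.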



Re: security(8) check maildir as well as mailbox permissions

2013-12-20 Thread Joerg Jung

On 20.12.2013 at 08:48, David Gwynne da...@gwynne.id.au wrote:

 On 20 Dec 2013, at 2:56 am, Alexander Hall alexan...@beard.se wrote:
 
 Henning Brauer lists-openbsdt...@bsws.de wrote:
 * Craig R. Skinner skin...@britvault.co.uk [2013-12-19 10:18]:
 On 2013-12-18 Wed 20:48 PM |, Jérémie Courrèges-Anglas wrote:
 skin...@britvault.co.uk (Craig R. Skinner) writes:
 On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
 Check the security of /var/mail/dirs similar to
 /var/mail/boxes:
 
 
 Indeed, but security(8) really reflects things in the base OS,
 
 
 smtpd.conf(8)
  deliver to maildir path
  Mail is added to a maildir.  Its location, path, may
  contain format specifiers that are expanded before use
 
 
 Therefore: ... deliver to maildir /var/mail/%{user.username}
 Therefore?  How so?  What's the logic, here?
 THEREFORE software in base can deliver to maildir in /var/mail
 
 THEREFORE software in base can also deliver mail to
 /omgohmymail/pr0n/$uid - does that mean we check it in security?
 
 The question is rather whether Maildirs in /var/mail are a common
 enough setup to warrant a check in security.
 
 I totally agree with Henning here.
 
 That said, I ended up putting my Maildirs in /var/maildir because of this, 
 so I for one wouldn't object.
 
 i also put maildirs in /var/maildir...

Similar discussion, pops up from time to time:
http://marc.info/?l=openbsd-misc&m=133422769629575&w=2

Quoting sthen@ in the old thread:
/var/mail is intended for user-owned mbox files, I would think
moving your maildirs elsewhere is more sane. I tend to use /mail
for virtual user mailboxes but each to their own :)

IMHO, some standard/best practice directory for maildirs is 
missing in hier(7).

FWIW, I put mine in /var/vmail but I would move mine to anything
else to fulfill standard/best practices. 



Re: security(8) check maildir as well as mailbox permissions

2013-12-19 Thread Craig R. Skinner
On 2013-12-18 Wed 20:48 PM |, Jérémie Courrèges-Anglas wrote:
 skin...@britvault.co.uk (Craig R. Skinner) writes:
 
  On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
  Check the security of /var/mail/dirs similar to /var/mail/boxes:

  
  Indeed, but security(8) really reflects things in the base OS,
  
 
  smtpd.conf(8)
  deliver to maildir path
  Mail is added to a maildir.  Its location, path, may
  contain format specifiers that are expanded before use
 
 
  Therefore: ... deliver to maildir /var/mail/%{user.username}
 
 Therefore?  How so?  What's the logic, here?
 

THEREFORE software in base can deliver to maildir in /var/mail

  Indeed, but security(8) really reflects things in the base OS,

OK?
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7



Re: security(8) check maildir as well as mailbox permissions

2013-12-19 Thread Henning Brauer
* Craig R. Skinner skin...@britvault.co.uk [2013-12-19 10:18]:
 On 2013-12-18 Wed 20:48 PM |, Jérémie Courrèges-Anglas wrote:
  skin...@britvault.co.uk (Craig R. Skinner) writes:
   On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
   Check the security of /var/mail/dirs similar to /var/mail/boxes:
 
   
   Indeed, but security(8) really reflects things in the base OS,
   
  
   smtpd.conf(8)
 deliver to maildir path
 Mail is added to a maildir.  Its location, path, may
 contain format specifiers that are expanded before use
  
  
   Therefore: ... deliver to maildir /var/mail/%{user.username}
  Therefore?  How so?  What's the logic, here?
 THEREFORE software in base can deliver to maildir in /var/mail

THEREFORE software in base can also deliver mail to
/omgohmymail/pr0n/$uid - does that mean we check it in security?

The question is rather whether Maildirs in /var/mail are a common
enough setup to warrant a check in security.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/



Re: security(8) check maildir as well as mailbox permissions

2013-12-19 Thread Marcus MERIGHI
On 12/19/13 10:55, Henning Brauer wrote:
 * Craig R. Skinner skin...@britvault.co.uk [2013-12-19 10:18]:
 On 2013-12-18 Wed 20:48 PM |, Jérémie Courrèges-Anglas wrote:
 skin...@britvault.co.uk (Craig R. Skinner) writes:
 On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
 Check the security of /var/mail/dirs similar to /var/mail/boxes:


 Indeed, but security(8) really reflects things in the base OS,


 smtpd.conf(8)
deliver to maildir path
Mail is added to a maildir.  Its location, path, may
contain format specifiers that are expanded before use


 Therefore: ... deliver to maildir /var/mail/%{user.username}
 Therefore?  How so?  What's the logic, here?
 THEREFORE software in base can deliver to maildir in /var/mail
 
 THEREFORE software in base can also deliver mail to
 /omgohmymail/pr0n/$uid - does that mean we check it in security?
 
 The question is rather whether Maildirs in /var/mail are a common
 enough setup to warrant a check in security.

By default it's supposed to be in $HOME/Maildir:

smtpd.conf(5)

deliver to maildir path
  [snip what's quoted above]
  If path is not provided, then ~/Maildir is assumed.

Bye, Marcus



Re: security(8) check maildir as well as mailbox permissions

2013-12-19 Thread Jérémie Courrèges-Anglas
Marcus MERIGHI mcmer-open...@tor.at writes:

[...]

 By default it's supposed to be in $HOME/Maildir:

 smtpd.conf(5)

 deliver to maildir path
   [snip what's quoted above]
   If path is not provided, then ~/Maildir is assumed.

 Bye, Marcus

We are aware of this.  Now read again the previous mails and ask
yourself why this part of the documentation has been stripped twice by
the same guy.

-- 
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90  8961 6191 8FBF 06A1 1494



Re: security(8) check maildir as well as mailbox permissions

2013-12-19 Thread David Gwynne

On 20 Dec 2013, at 2:56 am, Alexander Hall alexan...@beard.se wrote:

 
 
 Henning Brauer lists-openbsdt...@bsws.de wrote:
 * Craig R. Skinner skin...@britvault.co.uk [2013-12-19 10:18]:
 On 2013-12-18 Wed 20:48 PM |, Jérémie Courrèges-Anglas wrote:
 skin...@britvault.co.uk (Craig R. Skinner) writes:
 On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
 Check the security of /var/mail/dirs similar to
 /var/mail/boxes:
 
 
 Indeed, but security(8) really reflects things in the base OS,
 
 
 smtpd.conf(8)
   deliver to maildir path
   Mail is added to a maildir.  Its location, path, may
   contain format specifiers that are expanded before use
 
 
 Therefore: ... deliver to maildir /var/mail/%{user.username}
 Therefore?  How so?  What's the logic, here?
 THEREFORE software in base can deliver to maildir in /var/mail
 
 THEREFORE software in base can also deliver mail to
 /omgohmymail/pr0n/$uid - does that mean we check it in security?
 
 The question is rather whether Maildirs in /var/mail are a common
 enough setup to warrant a check in security.
 
 I totally agree with Henning here.
 
 That said, I ended up putting my Maildirs in /var/maildir because of this, so 
 I for one wouldn't object.

i also put maildirs in /var/maildir...

 
 /Alexander
 




Re: security(8) check maildir as well as mailbox permissions

2013-12-18 Thread Stuart Henderson
On 2013/12/17 17:07, Craig R. Skinner wrote:
 On 2013-12-16 Mon 13:15 PM |, Craig R. Skinner wrote:
  On 2013-12-16 Mon 12:22 PM |, Stuart Henderson wrote:
   On 2013/12/16 12:11, Craig R. Skinner wrote:
Check the security of /var/mail/dirs similar to /var/mail/boxes:
   
   Aren't maildirs usually in ~/Maildir?
   
  
  MTA's can deliver to maildirs in several places.
  
  Postfix example (the trailing slash changes from mbox to maildir format):
  
  $ postconf -h mail_spool_directory
  /var/mail/
  
 
 Usually, all user web files are kept in ~/public_html
 OpenBSD places them in /var/www/users/$LOGIN
 
 By keeping all mail in a separately mounted /var/mail partition,
 (with simple mutt & dovecot configs) mail only users can have
 /var/empty as $HOME, authpf or nologin as $SHELL.
 This eliminates SQL or other complicated mail stores for 'virtual' users
 
 Separate 'black box' servers can be dedicated to mail only duties,
 without user shell logins,
 
 /var/mail can be NFS exported as there are no file locking problems with
 maildirs - each message is a unique file. New mail can be delivered
 without locking the box.
 
 Also, an annual dump cycle can be set on /home,
 with quarterly/monthly level 0 dumps on /var/mail,
 different quotas set on the different partitions.
 
 Possibilities abound,

Indeed, but security(8) really reflects things in the base OS,
perhaps a security.local might be worthwhile for custom setups though...



Re: security(8) check maildir as well as mailbox permissions

2013-12-18 Thread Craig R. Skinner
On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
 Check the security of /var/mail/dirs similar to /var/mail/boxes:
   
 
 Indeed, but security(8) really reflects things in the base OS,
 

smtpd.conf(8)
deliver to maildir path
Mail is added to a maildir.  Its location, path, may
contain format specifiers that are expanded before use


Therefore: ... deliver to maildir /var/mail/%{user.username}



OK for the patch then?

Cheers,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7



Re: security(8) check maildir as well as mailbox permissions

2013-12-18 Thread Jérémie Courrèges-Anglas
skin...@britvault.co.uk (Craig R. Skinner) writes:

 On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
 Check the security of /var/mail/dirs similar to /var/mail/boxes:
   
 
 Indeed, but security(8) really reflects things in the base OS,
 

 smtpd.conf(8)
   deliver to maildir path
   Mail is added to a maildir.  Its location, path, may
   contain format specifiers that are expanded before use


 Therefore: ... deliver to maildir /var/mail/%{user.username}

Therefore?  How so?  What's the logic, here?

  deliver to maildir path
  Mail is added to a maildir.  Its location, path, may
  contain format specifiers that are expanded before use
  (see above).  If path is not provided, then ~/Maildir is
  assumed.

You're trying to trick people into doing what you want.  That's not
a very good idea on this mailing-list.

 OK for the patch then?

  http://nelson-haha.com/

 Cheers,

-- 
jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90  8961 6191 8FBF 06A1 1494



Re: security(8) check maildir as well as mailbox permissions

2013-12-18 Thread Jiri B
On Wed, Dec 18, 2013 at 08:48:38PM +0100, Jérémie Courrèges-Anglas wrote:
 skin...@britvault.co.uk (Craig R. Skinner) writes:
 
  On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote:
  Check the security of /var/mail/dirs similar to /var/mail/boxes:

  
  Indeed, but security(8) really reflects things in the base OS,
  
 
  smtpd.conf(8)
  deliver to maildir path
  Mail is added to a maildir.  Its location, path, may
  contain format specifiers that are expanded before use
 
 
  Therefore: ... deliver to maildir /var/mail/%{user.username}
 
 Therefore?  How so?  What's the logic, here?
 
   deliver to maildir path
   Mail is added to a maildir.  Its location, path, may
   contain format specifiers that are expanded before use
   (see above).  If path is not provided, then ~/Maildir is
   assumed.
 
 You're trying to trick people into doing what you want.  That's not
 a very good idea on this mailing-list.

Maybe a plugin based security(8)? If it won't be accepted into base OS
maybe it could be in ports as an alternative (like base OS nginx with
limited features and nginx in ports).

jirib



Re: security(8) check maildir as well as mailbox permissions

2013-12-17 Thread Craig R. Skinner
On 2013-12-16 Mon 13:15 PM |, Craig R. Skinner wrote:
 On 2013-12-16 Mon 12:22 PM |, Stuart Henderson wrote:
  On 2013/12/16 12:11, Craig R. Skinner wrote:
   Check the security of /var/mail/dirs similar to /var/mail/boxes:
  
  Aren't maildirs usually in ~/Maildir?
  
 
 MTA's can deliver to maildirs in several places.
 
 Postfix example (the trailing slash changes from mbox to maildir format):
 
 $ postconf -h mail_spool_directory
 /var/mail/
 

Usually, all user web files are kept in ~/public_html
OpenBSD places them in /var/www/users/$LOGIN

By keeping all mail in a separately mounted /var/mail partition,
(with simple mutt & dovecot configs) mail only users can have
/var/empty as $HOME, authpf or nologin as $SHELL.
This eliminates SQL or other complicated mail stores for 'virtual' users

Separate 'black box' servers can be dedicated to mail only duties,
without user shell logins,

/var/mail can be NFS exported as there are no file locking problems with
maildirs - each message is a unique file. New mail can be delivered
without locking the box.

Also, an annual dump cycle can be set on /home,
with quarterly/monthly level 0 dumps on /var/mail,
different quotas set on the different partitions.

Possibilities abound,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7



security(8) check maildir as well as mailbox permissions

2013-12-16 Thread Craig R. Skinner
Check the security of /var/mail/dirs similar to /var/mail/boxes:

Index: security
===
RCS file: /cvs/src/libexec/security/security,v
retrieving revision 1.23
diff -u -u -p -r1.23 security
--- security21 Mar 2013 09:37:37 -  1.23
+++ security16 Dec 2013 12:05:52 -
@@ -458,9 +458,16 @@ sub check_mailboxes {
my $gname = (getgrgid $fgid)[0] // $fgid;
nag $fname ne $name,
user $name mailbox is owned by $fname;
-   nag S_IMODE($mode) != (S_IRUSR | S_IWUSR),
-   sprintf 'user %s mailbox is %s, group %s',
-   $name, strmode($mode), $gname;
+   if (S_ISDIR($mode)) {
+   nag S_IMODE($mode) != (S_IRUSR | S_IWUSR | S_IXUSR),
+   sprintf 'user %s maildir is %s, group %s',
+   $name, strmode($mode), $gname;
+   }
+   else {
+   nag S_IMODE($mode) != (S_IRUSR | S_IWUSR),
+   sprintf 'user %s mailbox is %s, group %s',
+   $name, strmode($mode), $gname;
+   }
}
closedir $dh;
 }
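
Review bot: The two branches under `if (S_ISDIR($mode))` repeat the same `nag`/`sprintf` call and differ only in the expected mode (`S_IXUSR` added for directories) and the word "maildir" versus "mailbox"; compute the expected mode and the label once and keep a single `nag`, so the two messages cannot drift apart. The directory branch tests only the mode of the top-level entry, so a comment stating that nothing inside the maildir is examined would help, and the `else` branch still labels every non-directory entry a "mailbox" whatever its file type.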

Cheers,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7



Re: security(8) check maildir as well as mailbox permissions

2013-12-16 Thread Stuart Henderson
On 2013/12/16 12:11, Craig R. Skinner wrote:
 Check the security of /var/mail/dirs similar to /var/mail/boxes:

Aren't maildirs usually in ~/Maildir?



Re: security(8) check maildir as well as mailbox permissions

2013-12-16 Thread Craig R. Skinner
On 2013-12-16 Mon 12:22 PM |, Stuart Henderson wrote:
 On 2013/12/16 12:11, Craig R. Skinner wrote:
  Check the security of /var/mail/dirs similar to /var/mail/boxes:
 
 Aren't maildirs usually in ~/Maildir?
 

MTA's can deliver to maildirs in several places.

Postfix example (the trailing slash changes from mbox to maildir format):

$ postconf -h mail_spool_directory
/var/mail/

Cheers,
-- 
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7