ungleich-public/cdist-contrib
ungleich-public/cdist-contrib
8
2
Fork 3
Code Issues 2 Pull requests 3 Projects Releases Wiki Activity

[__opendkim[_genkey]]: potential for wrong permissions with --userid #17

New issue
Closed
opened 2022-03-09 20:05:19 +00:00 by evilham · 2 comments
evilham commented 2022-03-09 20:05:19 +00:00
Collaborator
Copy link

Porting these types to work on FreeBSD I noticed that __opendkim has support for a --userid parameter.

OTOH, __opendkim_genkey just uses chown opendkim:opendkim KEY.private; therefore assuming that the service runs with those credentials.

Without knowing the internals of Alpine, I can imagine this being an issue as per opendkim(8):

   Thus, keys referenced by the KeyTable must always be accessible for
   read by the unprivileged user.  Also, run-time reloads are not possible
   if any of the other files will not be readable by the unprivileged
   user.

Instead of making things complex, I suggest deprecating __opendkim's --userid argument; does that sound ok? Which use-case am I missing?

Porting these types to work on FreeBSD I noticed that `__opendkim` has support for a `--userid` parameter. OTOH, `__opendkim_genkey` just uses `chown opendkim:opendkim KEY.private`; therefore assuming that the service runs with those credentials. Without knowing the internals of Alpine, I can imagine this being an issue as per `opendkim(8)`: Thus, keys referenced by the KeyTable must always be accessible for read by the unprivileged user. Also, run-time reloads are not possible if any of the other files will not be readable by the unprivileged user. Instead of making things complex, I suggest deprecating `__opendkim`'s `--userid` argument; does that sound ok? Which use-case am I missing?
evilham changed title from __opendkim[_genkey]: potential for wrong permissions with --userid to [__opendkim[_genkey]]: potential for wrong permissions with --userid 2022-03-09 20:35:18 +00:00
evilham commented 2022-03-09 20:35:45 +00:00
Author
Collaborator
Copy link

cc: @sparrowhawk

cc: @sparrowhawk
sparrowhawk commented 2022-03-15 14:29:23 +00:00
Collaborator
Copy link

Uuugh, pretty sure that's a loosely concentrated me trying to ease further generalization of the type without actually thinking it through. We don't use that parameter anywhere, and I don't see why anyone would want to use another user than the one that is preconfigured in the package for their distribution.

Go for deprecation.

Uuugh, pretty sure that's a loosely concentrated me trying to ease further generalization of the type without actually thinking it through. We don't use that parameter anywhere, and I don't see why anyone would want to use another user than the one that is preconfigured in the package for their distribution. Go for deprecation.
fnux closed this issue 2024-05-15 11:56:17 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
opendkim-debian
kjg_passwordconfig
synapse-upstream-apt-repository
haproxy-dualstack
synapse-upstream-repository
root-mail-dma
No results found.
Labels
Clear labels   
bug

   
confirmed

   
critical

   
discussion

   
documentation

   
enhancement

   
feedback-required

   
good-first-issue

   
ready

   
reviewed

   
suggestion

   
support
No labels
bug
confirmed
critical
discussion
documentation
enhancement
feedback-required
good-first-issue
ready
reviewed
suggestion
support
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: ungleich-public/cdist-contrib#17
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?