Re: bug in procmail (ver 3.14 maybe others?)

From: Philip Guenther (guenther@sendmail.com)
Date: 02/24/02 

To: Ehud Tenenbaum <analyzer@2xss.com>
Date: Sat, 23 Feb 2002 23:03:56 -0800
From: Philip Guenther <guenther@sendmail.com>

Ehud Tenenbaum <analyzer@2xss.com> writes:
>We know its just a NULL pointer but since sendmail uses procmail
>to alert, and of course snedmail is suid as well it might be a
>problem to make the procmail segfault when sendmail calls it
>(its a pure idea I didnt take a look on sendmail handling
>childs functions yet).
>
>could be a dengerous ?

I doubt it's a problem: sendmail checks the exit status of its children
process and understands failures caused by signals, etc. If it _is_ a
problem, then procmail is wholly out of the picture, as this exact
problem will occur with many signals besides SIGALRM.

(As a (long) side note: the only way I know to send a SIGALRM to a
setuid process is to exec it directly, leaving an alarm pending past the
exec, and even then new enough OSes don't even allow that. It worked
under gdb because tracing disables setuid execution, but otherwise I
don't know how you would do it. You can send 'tty signals' (INT, QUIT,
TSTP, HUP, WINCH, INFO) to setuid processes if it's in one of your
sessions. That extends to some other signals (KILL and STOP), at least
some of the time, but I don't see how to arbitrarly send other signals
to setuid processes.)

Philip Guenther
guenther@sendmail.com
Procmail Maintainer
--------
Information and opinions expressed above are not those of Sendmail, Inc.

Relevant Pages

  • Re: Problem with Skunkware procmail 3.1.5 & 5.0.7 MP5
    ... for programs you want to allow sendmail to run. ... It appears to be in configured format followed by the old format. ... And I still need suggestions on how to prevent procmail from hosing my ... the next thing to do is get Spamassassin 3.1.4 to work. ...
    (comp.unix.sco.misc)
  • Re: need help about sendmail
    ... Copying all mail to Archive *The following is probably made obsolete by ... sendmail to archive copies of outgoing mail". ... The Sendmail FAQ does offer three suggestions for doing this, ... In the FAQ, and in the newsgroup, it is also suggested that Procmail can ...
    (RedHat)
  • Re: need help about sendmail
    ... One of the most common questions on comp.mail.sendmail is "How do I get ... sendmail to archive copies of outgoing mail". ... In the FAQ, and in the newsgroup, it is also suggested that Procmail can do ...
    (RedHat)
  • Re: Sendmail, Procmail and (ugh) Exchange
    ... Due to the crappy filtering available in Exchange, I want to still use procmail. ... We also still want to use sendmail for handling some other issues ... First remember that Procmail is a "Local Delivery Agent" that Sendmail calls for local delivery. ...
    (comp.mail.sendmail)
  • Re: how to trigger an action on email recieved
    ... Procmail, used as a mail delivery agent, will run with the access ... which of sendmail and/or postfix is installed. ... if Redhat would prevent the installation of several MTA's. ... Such symlinks will be used anyway because sendmail has been ...
    (comp.os.linux.misc)