Package: sendmail-bin
Version: 8.14.3-9.4
Severity: serious
File: /usr/lib/sm.bin/mail.local
Justification: Policy 11.6


Using strace I see that mail.local uses flock:

  open("/var/mail/psz", O_WRONLY|O_APPEND) = 4
  flock(4, LOCK_EX)                       = 0

(as well as a /var/mail/psz.lock file).

This is against Debian policy: looking in
http://www.debian.org/doc/debian-policy/ch-customized-programs.html#s-mail-transport-agents
I see "... fcntl() locking must be ...". Curiously, mail.local accesses
(but does not use?) /usr/lib/liblockfile.so.1 also.

This bug may permit corruption of mail files, and this has in fact been
observed on rare occasions.

Please see  http://bugs.debian.org/513298  also.

Thanks, Paul

Paul Szabo   p...@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- Package-specific info:
Ouput of /usr/share/bug/sendmail-bin/script:

ls -alR /etc/mail:
/etc/mail:
total 106
drwxr-sr-x   7 smmta smmsp  1024 Jul 14 07:01 .
drwxr-xr-x 161 root  root  10240 Nov 16 15:32 ..
-rwxr-xr--   1 root  smmsp  8043 Jul 14 08:15 Makefile
-rw-------   1 root  root   4261 Jul 14 06:42 access
-rw-r-----   1 smmta smmsp  3072 Dec 22  2009 access.db
-rw-r--r--   1 root  smmsp     0 Dec 22  2009 aliases
-rw-r-----   1 smmta smmsp  3072 Jul 14 07:01 aliases.db
-rw-r--r--   1 root  smmsp  2804 Jul 14 08:15 databases
-rw-r--r--   1 root  root   5657 Jul 17  2008 helpfile
-rw-r--r--   1 root  smmsp    33 Dec 22  2009 local-host-names
drwxr-sr-x   2 smmta smmsp  1024 Dec 22  2009 m4
drwxr-xr-x   2 root  root   1024 Jul 14 06:40 peers
drwxr-xr-x   2 root  smmsp  1024 Jul 16  2008 sasl
-rw-r--r--   1 root  smmsp  8591 Jul 14 07:01 sendmail.cf
-rw-r--r--   1 root  root   8591 Jul 14 06:42 sendmail.cf.old
-rw-r--r--   1 root  root  10032 May  6  2002 sendmail.conf
-rw-r--r--   1 root  smmsp    46 Jul 14 07:01 sendmail.mc
drwxr-sr-x   2 smmta smmsp  1024 Dec 22  2009 smrsh
lrwxrwxrwx   1 root  root     15 Dec 23  2009 spamassassin -> ../spamassassin
-rw-r--r--   1 root  smmsp  7947 Jul 14 07:01 submit.cf
-rw-r--r--   1 root  smmsp    55 Jul 14 06:42 submit.cf.errors
-rw-r--r--   1 root  root   7947 Jul 14 06:42 submit.cf.old
-rw-r--r--   1 root  smmsp    59 Jul 14 07:01 submit.mc
drwxr-xr-x   2 smmta smmsp  1024 Dec 22  2009 tls
-rw-r--r--   1 root  smmsp     0 Dec 22  2009 trusted-users

/etc/mail/m4:
total 2
drwxr-sr-x 2 smmta smmsp 1024 Dec 22  2009 .
drwxr-sr-x 7 smmta smmsp 1024 Jul 14 07:01 ..
-rw-r----- 1 root  smmsp    0 Dec 22  2009 dialup.m4
-rw-r----- 1 root  smmsp    0 Dec 22  2009 provider.m4

/etc/mail/peers:
total 2
drwxr-xr-x 2 root  root  1024 Jul 14 06:40 .
drwxr-sr-x 7 smmta smmsp 1024 Jul 14 07:01 ..

/etc/mail/sasl:
total 2
drwxr-xr-x 2 root  smmsp 1024 Jul 16  2008 .
drwxr-sr-x 7 smmta smmsp 1024 Jul 14 07:01 ..

/etc/mail/smrsh:
total 2
drwxr-sr-x 2 smmta smmsp 1024 Dec 22  2009 .
drwxr-sr-x 7 smmta smmsp 1024 Jul 14 07:01 ..
lrwxrwxrwx 1 root  smmsp   26 Dec 22  2009 mail.local -> /usr/lib/sm.bin/mail.local
lrwxrwxrwx 1 root  smmsp   17 Dec 22  2009 procmail -> /usr/bin/procmail
lrwxrwxrwx 1 root  smmsp   17 Dec 22  2009 vacation -> /usr/bin/vacation

/etc/mail/tls:
total 23
drwxr-xr-x 2 smmta smmsp 1024 Dec 22  2009 .
drwxr-sr-x 7 smmta smmsp 1024 Jul 14 07:01 ..
-rw-r--r-- 1 root  root     7 Dec 22  2009 no_prompt
-rw------- 1 root  root  1191 Dec 22  2009 sendmail-client.cfg
-rw-r--r-- 1 root  smmsp 1249 Dec 22  2009 sendmail-client.crt
-rw------- 1 root  root  1025 Dec 22  2009 sendmail-client.csr
-rw-r----- 1 root  smmsp 1675 Dec 22  2009 sendmail-common.key
-rw-r----- 1 root  smmsp 1582 Dec 22  2009 sendmail-common.prm
-rw------- 1 root  root  1191 Dec 22  2009 sendmail-server.cfg
-rw-r--r-- 1 root  smmsp 1249 Dec 22  2009 sendmail-server.crt
-rw------- 1 root  root  1025 Dec 22  2009 sendmail-server.csr
-rwxr--r-- 1 root  root  3262 Jul 14 06:42 starttls.m4

sendmail.conf:
DAEMON_MODE="Daemon";
DAEMON_PARMS="";
DAEMON_HOSTSTATS="Yes";
DAEMON_MAILSTATS="No";
QUEUE_MODE="${DAEMON_MODE}";
QUEUE_INTERVAL="10";
QUEUE_PARMS="";
MSP_MODE="${QUEUE_MODE}";
MSP_INTERVAL="${QUEUE_INTERVAL}";
MSP_PARMS="${QUEUE_PARMS}";
MSP_MAILSTATS="No";
MISC_PARMS="";
CRON_MAILTO="root";
CRON_PARMS="";
AGE_DATA="";
DAEMON_STATS="${DAEMON_MAILSTATS}";
MSP_STATS="${MSP_MAILSTATS}";


sendmail.mc:
[trigger for usr/share/sendmail/sm_helper.sh]

submit.mc...
FEATURE(`msp [trigger for usr/share/sendmail/sm_helper.sh]


-- System Information:
Debian Release: 6.0.3
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-pk05.09-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages sendmail-bin depends on:
ii  libc6                   2.11.2-10        Embedded GNU C Library: Shared lib
ii  libdb4.7                4.7.25-9         Berkeley v4.7 Database Libraries [
ii  libldap-2.4-2           2.4.23-7.2       OpenLDAP libraries
ii  liblockfile1            1.08-4           NFS-safe locking library, includes
ii  libsasl2-2              2.1.23.dfsg1-7   Cyrus SASL - authentication abstra
ii  libssl0.9.8             0.9.8o-4squeeze4 SSL shared libraries
ii  libwrap0                7.6.q-19         Wietse Venema's TCP wrappers libra
ii  sendmail-base           8.14.3-9.4       powerful, efficient, and scalable 
ii  sendmail-cf             8.14.3-9.4       powerful, efficient, and scalable 

sendmail-bin recommends no packages.

Versions of packages sendmail-bin suggests:
ii  libsasl2-modules        2.1.23.dfsg1-7   Cyrus SASL - pluggable authenticat
ii  openssl                 0.9.8o-4squeeze4 Secure Socket Layer (SSL) binary a
pn  sasl2-bin               <none>           (no description available)
ii  sendmail-doc            8.14.3-9.4       powerful, efficient, and scalable 

Versions of packages sensible-mda depends on:
ii  libc6                         2.11.2-10  Embedded GNU C Library: Shared lib
ii  procmail                      3.22-19    Versatile e-mail processor

Versions of packages rmail depends on:
ii  libc6                         2.11.2-10  Embedded GNU C Library: Shared lib
ii  libldap-2.4-2                 2.4.23-7.2 OpenLDAP libraries

-- Configuration Files:
/etc/init.d/sendmail changed [not included]

-- no debconf information
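
The lock mismatch described in this report, as an added example that is not part of the original report or of sendmail's code: on a Linux local filesystem, `flock()` and `fcntl()` locks are tracked separately, so a delivery agent holding `flock(LOCK_EX)` does not stop a policy-conforming program from getting an `fcntl()` write lock on the same mailbox. The temporary file path and function names are constructed for the demonstration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/file.h>
#include <sys/wait.h>
#include <unistd.h>

/* Second writer: open the mailbox independently (as another program would)
 * and try a non-blocking whole-file fcntl() write lock. 1 = lock granted. */
static int probe_fcntl(const char *path) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET };
        int fd = open(path, O_WRONLY | O_APPEND);
        _exit(fd >= 0 && fcntl(fd, F_SETLK, &fl) == 0 ? 0 : 1);
    }
    int st;
    if (waitpid(pid, &st, 0) < 0) return -1;
    return WIFEXITED(st) && WEXITSTATUS(st) == 0;
}

/* holder: 'f' = first writer holds flock(LOCK_EX) (what strace showed),
 *         'p' = first writer holds fcntl(F_WRLCK) (what policy requires).
 * Returns 1 if the second writer still obtained its fcntl() lock. */
int second_writer_gets_lock(char holder) {
    char path[] = "/tmp/mbox-lock-demo-XXXXXX"; /* constructed stand-in for /var/mail/<user> */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    int ok;
    if (holder == 'f') {
        ok = flock(fd, LOCK_EX | LOCK_NB);
    } else {
        struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET };
        ok = fcntl(fd, F_SETLK, &fl);
    }
    int granted = (ok == 0) ? probe_fcntl(path) : -1;
    close(fd);
    unlink(path);
    return granted;
}

int main(void) {
    printf("first writer uses flock(): second fcntl() writer granted = %d\n", second_writer_gets_lock('f'));
    printf("first writer uses fcntl(): second fcntl() writer granted = %d\n", second_writer_gets_lock('p'));
    return 0;
}
```

A result of 1 for the `flock()` case means both writers believe they hold the mailbox exclusively, which is the condition under which interleaved appends can corrupt it.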


