#19 Insecure patch to allow program delivery in .qmail

Status: closed-rejected
Owner: nobody
Labels: None
Priority: 1
Updated: 2009-05-02
Created: 2005-06-14
Creator: rbgarga
Private: No

On qmailadmin 1.2.7, if you redirect mail to a
command using a pipe "|", it doesn't accept it.

I made a patch that permits it if the user is DOMAIN_ADMIN.

Here it is.

Discussion

  • rbgarga
    2005-06-14

    Patch that fixes the problem

     
  • Tom Collins
    2005-06-14

    This limit is intentional. If you allow DOMAIN_ADMINs to create their own
    piped commands, they can potentially gain access to any mailbox on your
    system.

    Do you trust all of your domain admins enough to:

    1) Not gain access to the contents of vpasswd files or the vpopmail.mysql
    file on your system.
    2) Not delete ~vpopmail/domains.
    3) Not run anything in ~vpopmail/bin/ that they shouldn't.

    Since the piped command runs as user vpopmail, this is a serious security
    hole, and we won't open it back up.

     
  • Tom Collins
    2005-06-14

    • assigned_to: nobody --> tomcollins
    • summary: You can't forwar to a pipe "|" --> You can't forward to a pipe "|"
    • status: open --> open-rejected
     
  • Tom Collins
    2005-09-02

    • priority: 5 --> 1
    • assigned_to: tomcollins --> nobody
    • summary: You can't forward to a pipe "|" --> Insecure patch to allow program delivery in .qmail
     
  • Tom Collins
    2009-05-02

    • status: open-rejected --> closed-rejected
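
Because a piped command in a .qmail file runs as user vpopmail, an administrator may want to list every program delivery that already exists under the domains directory. The script below is an added example, not code from this ticket or from qmailadmin; it classifies lines by first character as dot-qmail(5) describes, and the sample domain, addresses and command paths are constructed.

```python
import os
import sys
import tempfile

def classify(line):
    """Classify one dot-qmail line by its first character (dot-qmail(5))."""
    line = line.rstrip(" \t\r\n")
    if not line:
        return "blank"
    first = line[0]
    if first == "#":
        return "comment"
    if first == "|":
        return "program"            # command handed to sh, run as the delivery user
    if first in "/.":
        return "maildir" if line.endswith("/") else "mbox"
    return "forward"                # "&address" or a bare address

def audit(root):
    """Return sorted (path, line number, command) for each program delivery under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.startswith(".qmail"):   # .qmail and .qmail-<alias>
                continue
            path = os.path.join(dirpath, name)
            with open(path, errors="replace") as fh:
                for number, line in enumerate(fh, 1):
                    if classify(line) == "program":
                        findings.append((path, number, line.rstrip()[1:].strip()))
    return sorted(findings)

def build_sample(root):
    """Write a constructed sample tree (hypothetical domain and commands)."""
    domain = os.path.join(root, "example.test")
    os.makedirs(domain)
    samples = {
        ".qmail-default": "| /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox\n",
        ".qmail-info": "&alice@example.test\n",
        ".qmail-reports": "# constructed\n|/usr/local/bin/report-filter\n./archive/Maildir/\n",
    }
    for name, body in samples.items():
        with open(os.path.join(domain, name), "w") as fh:
            fh.write(body)

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else tempfile.mkdtemp()
    if len(sys.argv) < 2:
        build_sample(root)          # no path given: run against the sample tree
    for path, number, command in audit(root):
        print(f"{path}:{number}: {command}")
```

Run it with the domains directory as the only argument; anything it reports other than the expected delivery agent deserves a look.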