From: Thomas J. <tho...@in...> - 2009-04-28 11:58:09

Hello Matthias,

On Wednesday, 22. April 2009 18:22:57 Matthias Andree wrote:
> We'd probably need more detailed instructions of what doesn't work inside
> chroots (you mentioned /var/run -- and this may require revising the stale
> lock detection and/or logging), and what needs to be inside the chroot
> because it's re-read at run-time, for instance, the resolver is
> re-initialized frequently in daemon mode, so we need some libs and config
> files inside the chroot, and depending on how much caching the libc does,
> we may need f. i. /etc/services... unfortunately, this is highly OS and
> version dependent.

If someone uses the daemon mode inside the chroot, I guess /etc/fetchmailrc
needs to be owned by the unprivileged user, too. Though I don't use the
daemon mode myself.

My current chroot sandbox looks like this:

[root@intranator fetchmail]# ls -alR
.:
total 5
drwxr-xr-x   2 root     root         1024 Apr 24 16:03 etc
drwxr-xr-x   2 root     root         1024 Apr 24 16:00 lib
drwxr-x---   2 fetchmai fetchmai     1024 Apr 24 11:59 tmp

./etc:
total 18
-rw-r--r--   1 root     root           26 Apr 24 16:03 host.conf
-rw-r--r--   1 root     root           48 Apr 24 16:03 hosts
-rw-r--r--   1 root     root          837 Apr 24 16:03 localtime
-rw-r--r--   1 root     root           34 Apr 24 16:03 resolv.conf
-rw-r--r--   1 root     root        11375 Apr 24 16:03 services

./lib:
total 1264
-rwxr-xr-x   1 root     root       218749 Nov  2  2004 libnss_compat-2.1.3.so
lrwxrwxrwx   1 root     root           22 Apr 24 16:00 libnss_compat.so.2 -> libnss_compat-2.1.3.so
-rwxr-xr-x   1 root     root        68957 Nov  2  2004 libnss_dns-2.1.3.so
lrwxrwxrwx   1 root     root           19 Apr 24 16:00 libnss_dns.so.2 -> libnss_dns-2.1.3.so
-rwxr-xr-x   1 root     root       245542 Nov  2  2004 libnss_files-2.1.3.so
lrwxrwxrwx   1 root     root           21 Apr 24 16:00 libnss_files.so.2 -> libnss_files-2.1.3.so
-rwxr-xr-x   1 root     root        69129 Nov  2  2004 libnss_hesiod-2.1.3.so
lrwxrwxrwx   1 root     root           22 Apr 24 16:00 libnss_hesiod.so.2 -> libnss_hesiod-2.1.3.so
-rwxr-xr-x   1 root     root       255929 Nov  2  2004 libnss_nis-2.1.3.so
lrwxrwxrwx   1 root     root           19 Apr 24 16:00 libnss_nis.so.2 -> libnss_nis-2.1.3.so
-rwxr-xr-x   1 root     root       254328 Nov  2  2004 libnss_nisplus-2.1.3.so
lrwxrwxrwx   1 root     root           23 Apr 24 16:00 libnss_nisplus.so.2 -> libnss_nisplus-2.1.3.so
-rwxr-xr-x   1 root     root       169644 Apr 24 16:00 libresolv-2.1.3.so
lrwxrwxrwx   1 root     root           18 Apr 24 16:00 libresolv.so.2 -> libresolv-2.1.3.so

> I still need to think how to integrate all this, since 6.3.X is supposed to
> be a bug-fix branch... it seems I need to revive the bit-rotten 6.4.X
> branch for new features, mark 6.3 "regression fixes only" and move on...

Put it in 6.4.x if you like, it works fine for me in 6.3.

> I'm also pondering whether fetchmail needs a split-process model some day,
> which might then solve issues such as the /var/run (PID file) removal
> problem you mentioned and perhaps allow for a pool of concurrent fetch
> children - useful with multiple accounts. That's certainly for later...

So many ideas - so little time :-)

Cheers,
Thomas
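
An audit of a chroot tree laid out like the listing above, as an added example that is not part of the original message or of fetchmail: it checks that the etc/ files from the listing exist, that nothing outside tmp/ is group- or world-writable or owned by an unexpected account, and that the lib/ symlinks resolve inside the tree. The function name, the finding labels and the owner argument are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message). File list taken from the
# etc/ directory in the listing; labels and arguments are assumptions.
REQUIRED_FILES="etc/host.conf etc/hosts etc/localtime etc/resolv.conf etc/services"

# audit_chroot ROOT [OWNER]
# Prints one finding per line; returns 0 when clean, 1 when anything is found.
# OWNER (name or numeric uid, default root) must own everything outside tmp/.
audit_chroot() {
    root=$1
    owner=${2:-root}
    report=$(
        cd "$root" 2>/dev/null || { echo "NOROOT $root"; exit 0; }

        # Resolver and service data that is re-read at run time must be present.
        for f in $REQUIRED_FILES; do
            [ -f "$f" ] || echo "MISSING $f"
        done

        # Outside tmp/, nothing may be group- or world-writable (symlink modes
        # are meaningless, so links are skipped here).
        find . -path ./tmp -prune -o ! -type l \( -perm -020 -o -perm -002 \) -print |
            sed 's/^/WRITABLE /'

        # Outside tmp/, everything must belong to the expected owner.
        find . -path ./tmp -prune -o ! -user "$owner" -print | sed 's/^/OWNER /'

        # Every symlink must resolve to a file inside the tree. Absolute
        # targets are resolved against the chroot root, as they would be
        # after chroot(2).
        find . -type l | while read -r link; do
            target=$(readlink "$link")
            case $target in
                /*) resolved=".$target" ;;
                *)  resolved="$(dirname "$link")/$target" ;;
            esac
            [ -e "$resolved" ] || echo "DANGLING $link -> $target"
        done
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Stand-alone use: sh audit.sh /path/to/chroot [owner]
if [ "$#" -gt 0 ]; then audit_chroot "$@"; fi
```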