Subject: pkg/18788: procmail creates mailbox chmod 660 chgrp wheel
To: None <gnats-bugs@gnats.netbsd.org>
From: Hauke Fath <hf@tangro.de>
List: netbsd-bugs
Date: 10/24/2002 11:12:49
>Number:         18788
>Category:       pkg
>Synopsis:       procmail creates mailbox chmod 660 chgrp wheel
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Oct 24 02:13:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Hauke Fath <hf@tangro.de>
>Release:        NetBSD 1.6_STABLE
>Organization:
Tangro GmbH -- does not speak for me and vice versa.
>Environment:
System: NetBSD jump 1.6_STABLE NetBSD 1.6_STABLE (JUMP) #0: Thu Oct 3 01:53:38 CEST 2002 hf@jump:/usr/src/sys/arch/i386/compile/JUMP i386
Architecture: i386
Machine: i386

[hf@jump] ~ > pkg_info | grep procmail
procmail-3.22       Local mail delivery agent

>Description:
	When procmail is used as local mailer, it creates a new user's
	mailbox chmod 660 and chgrp wheel.
>How-To-Repeat:

Set up procmail as local mailer with sendmail

[hf@jump] /var/mail # fgrep -i procmail  /usr/share/sendmail/cf/jump.mc
define(`PROCMAIL_MAILER_PATH', `/usr/pkg/bin/procmail')
FEATURE(`local_procmail')

Create a new user

[hf@jump] /var/mail # useradd -m -g guest -c "Heinz Testmann" heinz

Send him a mail 

[hf@jump] /var/mail # date | mail -s TEST heinz
[hf@jump] /var/mail # ls -l heinz 
-rw-rw----  1 heinz  wheel  366 Oct 24 10:58 heinz
[hf@jump] /var/mail # 

>Fix:
	What procmail does looks SYSVish (with mailboxes writable by
	group mail); might be a procmail build option. Or, have
	useradd create an empty mailbox.

>Release-Note:
>Audit-Trail:
>Unformatted: