NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

misc/59499: Privilege separation accounts not included in /etc/mail/aliases



>Number:         59499
>Category:       misc
>Synopsis:       Privilege separation accounts not included in /etc/mail/aliases
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Jul 01 22:45:00 +0000 2025
>Originator:     Piotr Durlej
>Release:        10.1
>Organization:
>Environment:
NetBSD test.example.com 10.1 NetBSD 10.1 (GENERIC) #0: Mon Dec 16 13:08:11 UTC 2024  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64

>Description:
The privilege separation accounts (_dhcpcd _httpd _mdnsd _nsd _pflogd _proxy _rtadvd _rwhod _sdpd _tcpdump _tests _timedc _tss _unbound) are currently not included /etc/mail/aliases.

How about redirecting those accounts to /dev/null?

>How-To-Repeat:
$ echo test | mail -s test _tcpdump
$ ls -l /var/mail/_tcpdump
-rw-------  1 _tcpdump  wheel  474 Jul  2 00:32 /var/mail/_tcpdump
$ 

>Fix:
diff -Nrup src/etc/aliases src.new/etc/aliases
--- src/etc/aliases	2010-08-25 17:38:44.000000000 +0200
+++ src.new/etc/aliases	2025-07-01 23:50:39.246969827 +0200
@@ -25,6 +25,21 @@ ntpd:		root
 sshd:		root
 nobody:		root
 
+_dhcpcd:	/dev/null
+_httpd:		/dev/null
+_mdnsd:		/dev/null
+_nsd:		/dev/null
+_pflogd:	/dev/null
+_proxy:		/dev/null
+_rtadvd:	/dev/null
+_rwhod:		/dev/null
+_sdpd:		/dev/null
+_tcpdump:	/dev/null
+_tests:		/dev/null
+_timedc:	/dev/null
+_tss:		/dev/null
+_unbound:	/dev/null
+
 # Well-known aliases -- these should be filled in!
 # root:
 # operator:



Home | Main Index | Thread Index | Old Index