Recipe 10.11 Setting a Safe Default User ID

Previous page
Table of content
Next page

Recipe 10.11 Setting a Safe Default User ID

Problem

sendmail requires its own user ID for when it is not running as root .

Solution

Check the /etc/passwd , /etc/shadow , and /etc/ group files to see if your system has entries for the user mailnull and the group mailnull . [5] If you find mailnull entries in these files, you're done. Otherwise, add mailnull to /etc/passwd using UID and GID values that are available on your system. On our sample system, we used the following entry:

[5] This example assumes that these are local files. If your system uses NIS or some other server for this information, make sure you check the correct source. 

 mailnull:x:65533:65533:Sendmail DefaultUser:/var/spool/mqueue:/bin/false

Next, add mailnull to the /etc/group file, as in this example: 

 mailnull:x:65533:

And, if you use the /etc/shadow file, add a mailnull entry to that file. Here is an example that is compatible with the shadow file used on Red Hat Linux systems: 

 mailnull:!!:11530:0:99999:7:::

Discussion

When sendmail is running with root privileges, the DefaultUser option identifies the user ID and group ID that sendmail uses when it gives up root privileges. This is the UID and GID used to do such things as run mailers and other external commands. When DefaultUser is not explicitly defined in the configuration, four possible default values are available. The order in which these defaults are used is:

  1. If the user mailnull is defined in the /etc/passwd file, the user ID and group ID assigned to mailnull are used.

  2. If mailnull is not defined and the user sendmail is defined in the /etc/passwd file, the user ID and group ID assigned to the user sendmail are used.

  3. If neither mailnull nor sendmail is defined in /etc/passwd and the user daemon is defined, the user ID and group ID assigned to daemon are used.

  4. If neither mailnull , nor sendmail , nor daemon is defined in the /etc/passwd file, 1 is used as the user ID and 1 is used as the group ID.

Use confDEF_USER_ID in the m4 master configuration file to override these default values. The master configuration file delivered with Red Hat Linux 8.0 provides an example of how the confDEF_USER_ID command is used. It contains the following: 

 define(`confDEF_USER_ID',`8:12')

This define command sets the user ID to 8 and the group ID to 12 for the DefaultUser option. These values are associated with the username mail and the groupname mail found in the /etc/passwd and /etc/group files delivered with the Red Hat Linux 8.0 system. The Red Hat configuration uses numeric UID and GID values for the confDEF_USER_ID define. However, string values are also acceptable. The following command sets exactly the same values for the Red Hat system: 

 define(`confDEF_USER_ID',`mail:mail')

This would also work: 

 define(`confDEF_USER_ID',`mail')

This works because, when the GID field is empty and the UID is a string value, the GID value defined in the /etc/passwd entry for the specified username is used. It is also possible to define the GID value separately using confDEF_GROUP_ID . However, confDEF_GROUP_ID has been deprecated and should not be used.

Given all of these options for setting the DefaultUser value, it is interesting to note that not one of them is used here. Instead, we opted to use the default mailnull user ID. There are two advantages to doing so:

  • First, using the default mailnull user ID can be done without any sendmail configuration changes.

  • Second, mailnull is the default value that most sendmail administrators expect to find.

In fact, many Unix systems come with an entry for the user mailnull already in the /etc/passwd file. If that is the case on your system, there is no need to implement this recipe because your system is already using the DefaultUser option. A simple grep shows the mailnull entries from the /etc/passwd file and the /etc/shadow file, if they exist: 

 # grep mailnull /etc/passwd mailnull:x:47:47::/var/spool/mqueue:/dev/null # grep mailnull /etc/shadow mailnull:!!:11267:0:99999:7:::

Some Unix systems don't provide /etc/passwd and /etc/group entries for the DefaultUser option, so you will need to add them yourself. If you do add a mailnull user account, there are three characteristics of that account that you need to be aware of:

  • mailnull must not have an associated password. The mailnull user created in this recipe does not have a valid password in either the /etc/passwd file or the /etc/shadow file.

  • mailnull must not have a valid login shell. In this recipe, mailnull is given /bin/false as its login shell in the /etc/passwd file.

  • mailnull must not own any files.

These three requirements help prevent the account from being exploited to gain unauthorized access.

See Also

Recipe 10.10 covers the RunAsUser option ”an incompatible option that is sometimes confused with the DefaultUser option. For information on the /etc/passwd , /etc/shadow , and /etc/group files see a good system administration text, such as Essential System Administration , Third Edition, by leen Frisch (O'Reilly). The sendmail book covers the DefaultUser option in Section 10.8.2.1 and Section 24.9.29.


Previous page
Table of content
Next page
Sendmail Cookbook
sendmail Cookbook
ISBN: 0596004710
EAN: 2147483647
Year: 2005
Pages: 178
Authors: Craig Hunt
BUY ON AMAZON
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
The Complete Cisco VPN Configuration Guide
Cisco Voice Gateways and Gatekeepers
Competency-Based Human Resource Management
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy