From cjc@earthlink.net  Thu Sep 20 19:41:30 2001
Return-Path: <cjc@earthlink.net>
Received: from gull.mail.pas.earthlink.net (gull.mail.pas.earthlink.net [207.217.121.85])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7959137B40D; Thu, 20 Sep 2001 19:41:30 -0700 (PDT)
Received: from blossom.cjclark.org (dialup-209.244.105.202.Dial1.SanJose1.Level3.net [209.244.105.202])
	by gull.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id TAA22329;
	Thu, 20 Sep 2001 19:41:10 -0700 (PDT)
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.4/8.11.3) id f8KNdwr02459;
	Thu, 20 Sep 2001 16:39:58 -0700 (PDT)
	(envelope-from cjc)
Message-Id: <200109202339.f8KNdwr02459@blossom.cjclark.org>
Date: Thu, 20 Sep 2001 16:39:58 -0700 (PDT)
From: "Crist J. Clark" <cristjc@earthlink.net>
Reply-To: "Crist J. Clark" <cristjc@earthlink.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: stb@freebsd.org
Subject: setiathome port misuses the 'nobody' user
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         30701
>Category:       ports
>Synopsis:       setiathome port misuses the 'nobody' user
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 20 19:50:00 PDT 2001
>Closed-Date:    Tue Apr 08 22:09:56 PDT 2003
>Last-Modified:  Tue Apr 08 22:09:56 PDT 2003
>Originator:     Crist J. Clark
>Release:        FreeBSD 4.3-STABLE i386
>Organization:
>Environment:
System: FreeBSD blossom.cjclark.org 4.3-STABLE FreeBSD 4.3-STABLE #0: Mon Jul 16 14:47:08 PDT 2001 cjc@blossom.cjclark.org:/usr/obj/export/stable/src/sys/BLOSSOM i386

	FreeBSD Ports
>Description:
	As a default, the SETI@Home port uses the user 'nobody' to run
the setiathome application. This is not the proper usage of the
'nobody' account and is a security problem.

	The 'nobody' user was added as the account root is mapped to
when sharing NFS mounts. The intention is to have a user who can
access all files on a filesystem as the world can. That is, NO FILES
SHOULD EVER BE OWNED OR GROUPED TO 'nobody.' Doing so breaks this
security feature of NFS.

	Running setiathome creates a number of files in
/var/db/setiathome owned by 'nobody.' This is a violation of the NFS
security model.

>How-To-Repeat:
	Examine, /usr/ports/astro/setiathome/files/setiathome.sh. It
contains the line,

  seti_user=nobody                        # user id to run as

>Fix:
	The default port install should not use 'nobody.' The best way
to go is to add a dedicated user to run setiathome or ask if it should
use an existing user, IMHO. Of course, the user should be prompted
asking whether he wishes to add a user to the system. I can help with
patches to the install process if the maintainer wants a hand fixing
this.
>Release-Note:
>Audit-Trail:

2003-02-05: Maintainer by edwin@.


From: Cyrille Lefevre <cyrille.lefevre@laposte.net>
To: freebsd-gnats-submit@FreeBSD.org, cristjc@earthlink.net,
	Edwin Groothuis <edwin@FreeBSD.org>
Cc:  
Subject: Re: ports/30701: setiathome port misuses the 'nobody' user
Date: Thu, 13 Feb 2003 02:52:35 +0100

 hope this fill your needs.
 
 Index: pkg-install
 ===================================================================
 RCS file: /home/ncvs/ports/astro/setiathome/pkg-install,v
 retrieving revision 1.9
 diff -u -r1.9 pkg-install
 --- pkg-install	28 Jul 2002 22:13:45 -0000	1.9
 +++ pkg-install	13 Feb 2003 01:45:51 -0000
 @@ -14,7 +14,7 @@
  
  # override these variables in ${PREFIX}/etc/rc.setiathome.conf
  seti_wrkdir=/var/db/${PKG_NAME}		# working directory
 -seti_user=nobody			# user id to run under
 +seti_user=setiathome			# user id to run under
  seti_maxprocs=$(sysctl -n hw.ncpu)	# max. number of processes to start
  
  rcconf_dir=${PKG_PREFIX}/etc
 @@ -126,6 +126,9 @@
  echo "      to do so, but think about it twince before."
  	else
  echo "****  SETI@home working directory and temporary files removed."
 +	fi
 +	if pw usershow "${seti_user}" 2>/dev/null 1>&2; then
 +echo "To permanently delete SETI@home user, use 'pw userdel ${seti_user}'"
  	fi
  	;;
  
 Index: files/rc.setiathome.conf
 ===================================================================
 RCS file: /home/ncvs/ports/astro/setiathome/files/rc.setiathome.conf,v
 retrieving revision 1.4
 diff -u -r1.4 rc.setiathome.conf
 --- files/rc.setiathome.conf	28 Jul 2002 22:13:45 -0000	1.4
 +++ files/rc.setiathome.conf	13 Feb 2003 01:13:55 -0000
 @@ -7,6 +7,7 @@
  # seti_std_args=-email			# command arguments for standard mode
  # seti_reg_args=-login			# command arguments for register mode
  # seti_proxy_args=			# proxy arguments
 -# seti_user=nobody			# user id to run as
 +# seti_user=setiathome			# user id to run as
 +# seti_group=${seti_user}		# group id to run as
  # seti_nice=15				# nice level to run at
  # seti_maxprocs=$(sysctl -n hw.ncpu)	# max. number of processes to start
 Index: files/setiathome.sh
 ===================================================================
 RCS file: /home/ncvs/ports/astro/setiathome/files/setiathome.sh,v
 retrieving revision 1.9
 diff -u -r1.9 setiathome.sh
 --- files/setiathome.sh	28 Jul 2002 22:13:45 -0000	1.9
 +++ files/setiathome.sh	13 Feb 2003 01:47:51 -0000
 @@ -5,7 +5,12 @@
  # Start or stop SETI@home, or set up working directory and register.
  #
  
 +case $0 in
 +/*) rc_dir=${0%/*} ;;
 + *) rc_dir=${PWD:-$(pwd)} ;;
 +esac
  rc_file=${0##*/}
 +rc_path=${rc_dir}/${rc_file}
  rc_arg=$1
  
  # override these variables in ${PREFIX}/etc/rc.setiathome.conf
 @@ -13,11 +18,12 @@
  seti_std_args=-email			# command arguments for standard mode
  seti_reg_args=-login			# command arguments for register mode
  seti_proxy_args=			# proxy arguments
 -seti_user=nobody			# user id to run as
 +seti_user=setiathome			# user id to run as
 +seti_group=${seti_user}			# group id to run as
  seti_nice=15				# nice level to run at
  seti_maxprocs=$(sysctl -n hw.ncpu)	# max. number of processes to start
  
 -if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/${rc_file}\$"); then
 +if ! PREFIX=$(expr ${rc_path} : "\(/.*\)/etc/rc\.d/${rc_file}\$"); then
  	echo "${rc_file}: Cannot determine PREFIX." >&2
  	echo "Please use the complete pathname." >&2
  	exit 64
 @@ -102,10 +108,39 @@
  			"unable to register: ${program_path} is missing." >&2
  		exit 72
  	fi
 +	if pw group show "${seti_group}" 2>/dev/null; then
 +		echo "You already have a group \"${seti_group}\"," \
 +		     "so I will use it."
 +	elif pw groupadd ${seti_group} -h -; then
 +		echo "Added group \"${seti_group}\"."
 +	else
 +		echo "Adding group \"${seti_group}\" failed..."
 +		echo "Please create it, and try again."
 +		exit 1
 +	fi
 +	if pw user show "${seti_user}" 2>/dev/null; then
 +		echo "You already have a user \"${seti_user}\"," \
 +		     "so I will use it."
 +		if pw usermod ${seti_user} -d ${seti_wrkdir}; then
 +			echo "Changed home directory of \"${seti_user}\"" \
 +			     "to \"${seti_wrkdir}\""
 +		else
 +			echo "Changing home directory of \"${seti_user}\"" \
 +			     "to \"${setu_wrkdir}\" failed..."
 +			exit 1
 +		fi
 +	elif pw useradd ${seti_user} -g ${seti_group} -h - \
 +		-d ${seti_wrkdir} -s /sbin/nologin -c "SETI at home Daemon"; then
 +		echo "Added user \"${seti_user}\"."
 +	else
 +		echo "Adding user \"${seti_user}\" failed..."
 +		echo "Please create it, and try again."
 +		exit 1
 +	fi
  	# Create or update primary working directory (in case the uid changed)
 -	mkdir -p ${seti_wrkdir}
 -	chown ${seti_user} ${seti_wrkdir}
 -	chmod u=Xrw,g=Xr,o=Xr ${seti_wrkdir}
 +	mkdir -p ${seti_wrkdir} || exit
 +	chown -Rh ${seti_user}:${seti_group} ${seti_wrkdir} || exit
 +	chmod u=Xrw,g=Xr,o=Xr ${seti_wrkdir} || exit
  	seti_dontlogin=no
  	if [ -f ${seti_wrkdir}/user_info.sah ]; then
  		echo    "      It seems you have already registered with" \
 
 Cyrille.
 -- 
 Cyrille Lefevre                 mailto:cyrille.lefevre@laposte.net

From: Cyrille Lefevre <cyrille.lefevre@laposte.net>
To: freebsd-gnats-submit@FreeBSD.org, cristjc@earthlink.net
Cc:  
Subject: Re: ports/30701: setiathome port misuses the 'nobody' user
Date: Thu, 13 Feb 2003 03:47:52 +0100

 Index: Makefile
 ===================================================================
 RCS file: /home/ncvs/ports/astro/setiathome/Makefile,v
 retrieving revision 1.33
 diff -u -r1.33 Makefile
 --- Makefile	28 Dec 2002 01:40:54 -0000	1.33
 +++ Makefile	13 Feb 2003 02:39:22 -0000
 @@ -6,7 +6,7 @@
  
  PORTNAME=	setiathome
  PORTVERSION?=	3.03
 -PORTREVISION?=	5
 +PORTREVISION?=	6
  CATEGORIES?=	astro
  MASTER_SITES=	ftp://ftp.cdrom.com/pub/setiathome/ \
  		ftp://alien.ssl.berkeley.edu/pub/
 
 Cyrille.
 -- 
 Cyrille Lefevre                 mailto:cyrille.lefevre@laposte.net
State-Changed-From-To: open->closed 
State-Changed-By: cjc 
State-Changed-When: Tue Apr 8 22:07:56 PDT 2003 
State-Changed-Why:  
Just committed maintainer provided patches to switch to a "setiathome" 
user. See PR 50739.  

http://www.freebsd.org/cgi/query-pr.cgi?pr=30701 
>Unformatted:
