aboutsummaryrefslogtreecommitdiffstats
path: root/mail
diff options
context:
space:
mode:
authorwjv <wjv@FreeBSD.org>2002-05-09 20:50:27 +0800
committerwjv <wjv@FreeBSD.org>2002-05-09 20:50:27 +0800
commit5b776eeb51375e5ec57a2198ce174df9101726f9 (patch)
tree83fba40694ade1c0ac60cf7b753c09ea03969518 /mail
parentf86f9ad7d528f0154c7b2ff552e6e23235f92b1b (diff)
downloadfreebsd-ports-graphics-5b776eeb51375e5ec57a2198ce174df9101726f9.tar.gz
freebsd-ports-graphics-5b776eeb51375e5ec57a2198ce174df9101726f9.tar.zst
freebsd-ports-graphics-5b776eeb51375e5ec57a2198ce174df9101726f9.zip
- Work around a very obscure but potentially severe security problem.
Should a user... - use su(1) or sudo to gain root privileges in such a way that his own environment is maintained, and - should that user have the variable USERNAME defined in his environment to point to his own username (not entirely unlikely), and - should the user install the Mailman port and immediately deinstall it, ... his own userid will be deleted by $PKGDEINSTALL. The short-term fix implemented here is to munge the names of the variables used by the port's Makefile. - Correctly list image directory in $PLIST, even if the user changes it from the default. - Add a WITH_APACHE2 knob and document it. - Bump PORTREVISION Submitted by: Volker Stolz <vs@lambda.foldr.org> (security issue)
Diffstat (limited to 'mail')
-rw-r--r--mail/mailman/Makefile42
-rw-r--r--mail/mailman/files/pkg-opts13
-rw-r--r--mail/mailman/pkg-plist11
3 files changed, 37 insertions, 29 deletions
diff --git a/mail/mailman/Makefile b/mail/mailman/Makefile
index 11700064824..f5e98215af8 100644
--- a/mail/mailman/Makefile
+++ b/mail/mailman/Makefile
@@ -7,6 +7,7 @@
PORTNAME= mailman
PORTVERSION= 2.0.10
+PORTREVISION= 1
CATEGORIES= mail
MASTER_SITES= http://www.list.org/ \
${MASTER_SITE_GNU} \
@@ -16,12 +17,17 @@ EXTRACT_SUFX= .tgz
MAINTAINER= wjv@FreeBSD.org
+.if defined(WITH_APACHE2)
+RUN_DEPENDS= ${LOCALBASE}/sbin/httpd:${PORTSDIR}/www/apache2
+.else
RUN_DEPENDS= ${LOCALBASE}/sbin/httpd:${PORTSDIR}/www/apache13
+.endif
HAS_CONFIGURE= yes
USE_PYTHON= yes
CONFIGURE_ARGS= --prefix=${MAILMANDIR} --with-python=${PYTHON_CMD} \
- --with-username=${USERNAME} --with-groupname=${GROUPNAME} \
+ --with-username=${MM_USERNAME} \
+ --with-groupname=${MM_GROUPNAME} \
--with-mail-gid=${MAIL_GID} --with-cgi-gid=${CGI_GID}
PKGOPTS= ${FILESDIR}/pkg-opts
@@ -31,26 +37,26 @@ PKGOPTS= ${FILESDIR}/pkg-opts
# build time. Getting the values of some of them right is crucial!
# Perform a "make options" to see more information on these variables.
#
-USERNAME?= mailman
-USERID?= 91
-GROUPNAME?= ${USERNAME}
-GROUPID?= ${USERID}
-MMDIR?= mailman
+MM_USERNAME?= mailman
+MM_USERID?= 91
+MM_GROUPNAME?= ${MM_USERNAME}
+MM_GROUPID?= ${MM_USERID}
+MM_DIR?= mailman
.if ${OSVERSION} >= 450000
MAIL_GID?= 26
.else
MAIL_GID?= 1
.endif
CGI_GID?= 80
-IMGDIR= ${PREFIX}/www/icons
+IMGDIR= www/icons
#
# End of user-configurable variables.
-MAILMANDIR= ${PREFIX}/${MMDIR}
+MAILMANDIR= ${PREFIX}/${MM_DIR}
PKGMESSAGE= ${WRKDIR}/pkg-message
PKGINSTALL= ${WRKDIR}/pkg-install
PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
-PLIST_SUB= MMDIR=${MMDIR} MMGRP=${GROUPNAME}
+PLIST_SUB= MMDIR=${MM_DIR} MMGRP=${MM_GROUPNAME} IMGDIR=${IMGDIR}
options:
@ ${ECHO_MSG} "===> Build options for ${PKGNAME}:"
@@ -66,16 +72,17 @@ post-extract:
.endif
pre-configure:
- @ ${SED} -e 's#%%USER%%#${USERNAME}#g' -e 's#%%UID%%#${USERID}#g' \
- -e 's#%%GROUP%%#${GROUPNAME}#g' -e 's#%%GID%%#${GROUPID}#g' \
+ @ ${SED} \
+ -e 's#%%USER%%#${MM_USERNAME}#g' -e 's#%%UID%%#${MM_USERID}#g' \
+ -e 's#%%GROUP%%#${MM_GROUPNAME}#g' -e 's#%%GID%%#${MM_GROUPID}#g' \
-e 's#%%MAILMANDIR%%#${MAILMANDIR}#g' pkg-install > \
${PKGINSTALL}
# Mailman's configure script needs the "mailman" user/group to exist.
@ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-configure:
- @ ${SED} -e 's#%%USER%%#${USERNAME}#g' \
- -e 's#%%GROUP%%#${GROUPNAME}#g' \
+ @ ${SED} -e 's#%%USER%%#${MM_USERNAME}#g' \
+ -e 's#%%GROUP%%#${MM_GROUPNAME}#g' \
-e 's#%%PYTHON_CMD%%#${PYTHON_CMD}#g' \
-e 's#%%MAILMANDIR%%#${MAILMANDIR}#g' pkg-deinstall > \
${PKGDEINSTALL}
@@ -89,12 +96,13 @@ post-install:
.for dir in cron scripts
@ ${PYTHON_CMD} ${PYTHON_LIBDIR}/compileall.py ${MAILMANDIR}/${dir}
.endfor
- @ ${CHGRP} -R ${GROUPNAME} ${MAILMANDIR}
- @ ${MKDIR} ${IMGDIR}
+ @ ${CHGRP} -R ${MM_GROUPNAME} ${MAILMANDIR}
+ @ ${MKDIR} ${PREFIX}/${IMGDIR}
.for imgfile in mailman.jpg PythonPowered.png gnu-head-tiny.jpg
- @ ${CP} ${MAILMANDIR}/icons/${imgfile} ${IMGDIR}
+ @ ${CP} ${MAILMANDIR}/icons/${imgfile} ${PREFIX}/${IMGDIR}
.endfor
- @ uudecode -p ${FILESDIR}/powerlogo.gif.uue > ${IMGDIR}/powerlogo.gif
+ @ uudecode -p ${FILESDIR}/powerlogo.gif.uue > \
+ ${PREFIX}/${IMGDIR}/powerlogo.gif
.if !defined(NOPORTDOCS)
@ ${MKDIR} ${DOCSDIR}
.for docfile in BUGS FAQ INSTALL NEWS README* UPGRADING
diff --git a/mail/mailman/files/pkg-opts b/mail/mailman/files/pkg-opts
index b2270cac3f6..6ddc1312ede 100644
--- a/mail/mailman/files/pkg-opts
+++ b/mail/mailman/files/pkg-opts
@@ -2,13 +2,13 @@
# Multi-line/long description (optional).
# Multi-line/long description lines must start with whitespace!
#
-USERNAME|mailman|The username of the Mailman user
-USERID|92|The user ID of the Mailman user
+MM_USERNAME|mailman|The username of the Mailman user
+MM_USERID|92|The user ID of the Mailman user
It is recommended that you do not change this option.
-GROUPNAME|mailman|The group to which the Mailman user will belong
-GROUPID|92|The group ID for the Mailman user
+MM_GROUPNAME|mailman|The group to which the Mailman user will belong
+MM_GROUPID|92|The group ID for the Mailman user
It is recommended that you do not change this option.
-MMDIR|mailman|Mailman will be installed in ${PREFIX}/${MMDIR}
+MM_DIR|mailman|Mailman will be installed in ${PREFIX}/${MM_DIR}
MAIL_GID|26|The group id under which your MTA performs mail delivery
Getting the value of MAIL_GID right is crucial to getting Mailman to
work with your MTA. By default this port works with sendmail. If
@@ -25,4 +25,5 @@ CGI_GID|80|The group id under which your web server executes CGI scripts
By default, this port works with the current port of Apache. If your
WWW server executes CGI scripts under a different GID, you'll have to
set this at build time.
-IMGDIR|${PREFIX}/www/data/icons|The directory where icon images will be installed
+IMGDIR|www/icons|Icon images will be installed in ${PREFIX}/${IMGDIR}
+WITH_APACHE2|undefined|Port depends on Apache 2.x if defined, not 1.3.x
diff --git a/mail/mailman/pkg-plist b/mail/mailman/pkg-plist
index 1a1cb15ae73..edb004acb7a 100644
--- a/mail/mailman/pkg-plist
+++ b/mail/mailman/pkg-plist
@@ -8,6 +8,10 @@
@exec mkdir -p %D/%%MMDIR%%/logs && chmod 2775 %D/%%MMDIR%%/logs
@exec mkdir -p %D/%%MMDIR%%/qfiles && chmod 2775 %D/%%MMDIR%%/qfiles
@exec mkdir -p %D/%%MMDIR%%/spam && chmod 2775 %D/%%MMDIR%%/spam
+%%IMGDIR%%/PythonPowered.png
+%%IMGDIR%%/gnu-head-tiny.jpg
+%%IMGDIR%%/mailman.jpg
+%%IMGDIR%%/powerlogo.gif
%%MMDIR%%/Mailman/Archiver/Archiver.py
%%MMDIR%%/Mailman/Archiver/Archiver.pyc
%%MMDIR%%/Mailman/Archiver/HyperArch.py
@@ -297,10 +301,6 @@
%%PORTDOCS%%share/doc/mailman/README.QMAIL
%%PORTDOCS%%share/doc/mailman/README.SENDMAIL
%%PORTDOCS%%share/doc/mailman/UPGRADING
-www/icons/PythonPowered.png
-www/icons/gnu-head-tiny.jpg
-www/icons/mailman.jpg
-www/icons/powerlogo.gif
@dirrm %%MMDIR%%/templates
@dirrm %%MMDIR%%/scripts
@dirrm %%MMDIR%%/mail
@@ -317,8 +317,6 @@ www/icons/powerlogo.gif
@dirrm %%MMDIR%%/Mailman/Bouncers
@dirrm %%MMDIR%%/Mailman/Archiver
%%PORTDOCS%%@dirrm share/doc/mailman
-@unexec rmdir %D/www/icons 2>/dev/null || true
-@unexec rmdir %D/www 2>/dev/null || true
@unexec rmdir %D/%%MMDIR%%/spam 2>/dev/null || true
@unexec rmdir %D/%%MMDIR%%/qfiles 2>/dev/null || true
@unexec rmdir %D/%%MMDIR%%/logs 2>/dev/null || true
@@ -329,3 +327,4 @@ www/icons/powerlogo.gif
@unexec rmdir %D/%%MMDIR%%/archives 2>/dev/null || true
@unexec rmdir %D/%%MMDIR%%/Mailman 2>/dev/null || true
@unexec rmdir %D/%%MMDIR%%/ 2>/dev/null || true
+@unexec rmdir %D/%%IMGDIR%% 2>/dev/null || true