openbsd-ports/net/popa3d/pkg/SECURITY

Security issues:

The author recommends that a seperate user 'popa3d' is created. However,
for ease of installation this port uses 'nobody'. Don't use 'nobody' for
anything else, or recompile popa3d to use 'popa3d' and create that user
yourself.

The onetime use of strcmp seems correct. One parameter is 'pw->passwd',
obtained from a call to getpwnam. The other parameter is 'pass', which is
derived from an input-buffer of which popa3d takes care not to overrun.

sprintf is used once. Its parameters are 'MAIL_SPOOL_PATH', which is a
compile-time constant and 'mailbox', which is the username, derived from
the password-file. 
Feedback from author: "buffer is malloc()'ed one line earlier to the correct
size, regardless of where the input comes from. The only required property of
those two strings, is that they're of a sane length not to cause an integer
overflow in the addition".

One more time: POP3 is inherently insecure. Passwords are sent in cleartext, 
everytime a user checks his mailbox.
add popa3d; popa3d is a POP3 daemon by Solar Designer. In order, its design goals are: 1. Security (to the extent that is possible with POP3 at all, of course). 2. Reliability (again, as limited by the mailbox format and the protocol). 3. RFC compliance (slightly relaxed to work with real-world POP3 clients). 4. Performance (limited by the more important goals above) 1999-09-10 18:07:34 -04:00			`Security issues:`

upgrade to popa3d 0.4; From: maintainer 2000-02-03 13:45:38 -05:00			`The author recommends that a seperate user 'popa3d' is created. However,`
			`for ease of installation this port uses 'nobody'. Don't use 'nobody' for`
			`anything else, or recompile popa3d to use 'popa3d' and create that user`
			`yourself.`
add popa3d; popa3d is a POP3 daemon by Solar Designer. In order, its design goals are: 1. Security (to the extent that is possible with POP3 at all, of course). 2. Reliability (again, as limited by the mailbox format and the protocol). 3. RFC compliance (slightly relaxed to work with real-world POP3 clients). 4. Performance (limited by the more important goals above) 1999-09-10 18:07:34 -04:00
			`The onetime use of strcmp seems correct. One parameter is 'pw->passwd',`
			`obtained from a call to getpwnam. The other parameter is 'pass', which is`
upgrade to popa3d 0.4; From: maintainer 2000-02-03 13:45:38 -05:00			`derived from an input-buffer of which popa3d takes care not to overrun.`
add popa3d; popa3d is a POP3 daemon by Solar Designer. In order, its design goals are: 1. Security (to the extent that is possible with POP3 at all, of course). 2. Reliability (again, as limited by the mailbox format and the protocol). 3. RFC compliance (slightly relaxed to work with real-world POP3 clients). 4. Performance (limited by the more important goals above) 1999-09-10 18:07:34 -04:00
			`sprintf is used once. Its parameters are 'MAIL_SPOOL_PATH', which is a`
			`compile-time constant and 'mailbox', which is the username, derived from`
			`the password-file.`
- add MASTER_SITE - incorporate feedback from author in SECURITY - move post-install message from INSTALL to MESSAGE - Makefile-patch -> MAKE_FLAGS 2000-02-09 03:37:32 -05:00			`Feedback from author: "buffer is malloc()'ed one line earlier to the correct`
			`size, regardless of where the input comes from. The only required property of`
			`those two strings, is that they're of a sane length not to cause an integer`
			`overflow in the addition".`
add popa3d; popa3d is a POP3 daemon by Solar Designer. In order, its design goals are: 1. Security (to the extent that is possible with POP3 at all, of course). 2. Reliability (again, as limited by the mailbox format and the protocol). 3. RFC compliance (slightly relaxed to work with real-world POP3 clients). 4. Performance (limited by the more important goals above) 1999-09-10 18:07:34 -04:00
			`One more time: POP3 is inherently insecure. Passwords are sent in cleartext,`
- add MASTER_SITE - incorporate feedback from author in SECURITY - move post-install message from INSTALL to MESSAGE - Makefile-patch -> MAKE_FLAGS 2000-02-09 03:37:32 -05:00			`everytime a user checks his mailbox.`