dce5acf88b
- incorporate feedback from author in SECURITY - move post-install message from INSTALL to MESSAGE - Makefile-patch -> MAKE_FLAGS
22 lines
1004 B
Plaintext
22 lines
1004 B
Plaintext
Security issues:
|
|
|
|
The author recommends that a seperate user 'popa3d' is created. However,
|
|
for ease of installation this port uses 'nobody'. Don't use 'nobody' for
|
|
anything else, or recompile popa3d to use 'popa3d' and create that user
|
|
yourself.
|
|
|
|
The onetime use of strcmp seems correct. One parameter is 'pw->passwd',
|
|
obtained from a call to getpwnam. The other parameter is 'pass', which is
|
|
derived from an input-buffer of which popa3d takes care not to overrun.
|
|
|
|
sprintf is used once. Its parameters are 'MAIL_SPOOL_PATH', which is a
|
|
compile-time constant and 'mailbox', which is the username, derived from
|
|
the password-file.
|
|
Feedback from author: "buffer is malloc()'ed one line earlier to the correct
|
|
size, regardless of where the input comes from. The only required property of
|
|
those two strings, is that they're of a sane length not to cause an integer
|
|
overflow in the addition".
|
|
|
|
One more time: POP3 is inherently insecure. Passwords are sent in cleartext,
|
|
everytime a user checks his mailbox.
|