Hello.

Please find below a patch for the sendsms script, making it work without superuser privileges.

Currently, the sendsms script must execute with root privileges because it invokes chown(1). It can be made available for other users either by setting the SUID bit or via sudo(8). The former method is a well-known security risk, and the latter is inconvenient because it complicates the non-interactive use of the sendsms script, e.g. from other scripts.

The patch improves the situation by allowing the members of the smsd group to run the script without escalated privileges. The actual names of the user and group of the smsd process may vary and are therefore determined from the inode of the outgoing message directory.

The old authorization mechanism based on MD5-hashed keys is a bit pointless in my opinion, so the patch proposes its removal. With sudo, authorization is better handled via the sudoers(5) file, and with SUID bit set, you can basically consider your Linux and most UNIX systems already compromised.

There is one problem in the patch, though. When run as non-root user, the contents of the submitted message are visible to other members of the group as well, at least for a short period of time before it is sent. But as long as message submission in based on a shared directory, I cannot really see a way around this. One secure solution would be to implement submission via a socket. If someone thinks that this kind of visibility is a bigger security problem than requiring escalated privileges for the script, he can keep running the script as root, in which case the updated script will still invoke chown instead of chgrp(1) and chmod(1).

BR,
Kaarle

diff -ru smstools3/scripts/sendsms smstools3.send-non-root/scripts/sendsms --- smstools3/scripts/sendsms 2010-07-08 15:41:13.000000000 +0300 +++ smstools3.send-non-root/scripts/sendsms 2013-05-14 21:45:28.226386668 +0300 @@ -10,15 +10,14 @@ # If a destination is asked, you can type multiple numbers # delimited with spaces. -# Keys for example: "password" and "keke": -# KEYS="5f4dcc3b5aa765d61d8327deb882cf99 4a5ea11b030ec1cfbc8b9947fdf2c872 " +OUT_DIR=/var/spool/sms/outgoing +SMSD_GID=`stat -c %g $OUT_DIR` -KEYS="" - -# When creating keys, remember to use -n for echo: -# echo -n "key" | md5sum +if [ `id -u` -gt 0 ] && ! echo " `id -G` " | grep -q " $SMSD_GID "; then + echo "Permission denied" + exit 1 +fi -smsd_user="smsd" # Will need echo which accepts -n argument: ECHO=echo @@ -28,20 +27,6 @@ ;; esac -if ! [ -z "$KEYS" ]; then - printf "Key: " - read KEY - if [ -z "$KEY" ]; then - echo "Key required, stopping." - exit 1 - fi - KEY=`$ECHO -n "$KEY" | md5sum | awk '{print $1;}'` - if ! echo "$KEYS" | grep "$KEY" >/dev/null; then - echo "Incorrect key, stopping." - exit 1 - fi -fi - DEST=$1 TEXT=$2 @@ -85,13 +70,6 @@ fi fi -owner="" -if [ -f /etc/passwd ]; then - if grep $smsd_user: /etc/passwd >/dev/null; then - owner=$smsd_user - fi -fi - for destination in $destinations do echo "To: $destination" @@ -107,10 +85,13 @@ $ECHO -n "$TEXT" | iconv -t UNICODEBIG >> $TMPFILE fi - if [ "x$owner" != x ]; then - chown $owner $TMPFILE + if [ `id -u` -eq 0 ]; then + chown `stat -c %u $OUT_DIR` $TMPFILE + else + chgrp $SMSD_GID $TMPFILE + chmod g+r $TMPFILE fi - FILE=`mktemp /var/spool/sms/outgoing/send_XXXXXX` + FILE=`mktemp $OUT_DIR/send_XXXXXX` mv $TMPFILE $FILE done

Hi.

Thank you for the patch but I have a problem.

When I send the sms the file go and stay to the directory outgoing.

nicola@debian:/var/spool/sms$ echo Test2 | sudo sendsms2 +336xxxxxxxx Text: -- Text: Test2 To: +336xxxxxxxx nicola@debian:/var/spool/sms$ ls -al outgoing/ total 12 drwxrwsr-t 2 smsd smsd 4096 nov. 30 19:14 . drwxrwsr-t 7 smsd smsd 4096 nov. 30 16:18 .. -rw-r----- 1 nicola smsd 23 nov. 30 19:10 send_22JOwI

I put my user in the group smsd
smsd:x:112:nicola

Can you help me please ?