Date:      Sat, 1 Mar 1997 15:50:32 +0100
From:      j@uriah.heep.sax.de (J Wunsch)
To:        henrich@crh.cl.msu.edu (Charles Henrich)
Cc:        mpp@freefall.freebsd.org (Mike Pritchard), freebsd-bugs@freebsd.org
Subject:   Re: mail.local modifications?
Message-ID:  <Mutt.19970301155032.j@uriah.heep.sax.de>
In-Reply-To: <199702282331.SAA07013@crh.cl.msu.edu>; from Charles Henrich on Feb 28, 1997 18:31:27 -0500
References:  <199702280358.TAA11910@freefall.freebsd.org> <199702282331.SAA07013@crh.cl.msu.edu>

As Charles Henrich wrote:

> Okay here is the correct patch.  This is the same one I've been running for 
> years, so unless I had a complete brain fart, it works wonderful.  Everyone
> please review and commit asap, thanks!

Charles, you'd really make our work easier by using a consistent
style, and adhering to style(9) wherever it makes sense.  As it was,
it took just another 15 minutes for somebody else to walk over your
patch, where you could have done it without any additional effort in
the first place.

Bruce, please reconsider the patch.

Index: mail.local.c
===================================================================
RCS file: /home/ncvs/src/libexec/mail.local/mail.local.c,v
retrieving revision 1.12
diff -u -u -r1.12 mail.local.c
--- mail.local.c	1997/02/22 14:21:48	1.12
+++ mail.local.c	1997/03/01 14:47:58
@@ -203,6 +203,7 @@
 	int mbfd, nr, nw, off;
 	char biffmsg[100], buf[8*1024], path[MAXPATHLEN];
 	off_t curoff;
+	uid_t saveeuid;
 
 	/*
 	 * Disallow delivery to unknown names -- special mailboxes can be
@@ -238,6 +239,9 @@
 	 * XXX
 	 * open(2) should support flock'ing the file.
 	 */
+
+	saveeuid = geteuid();
+
 tryagain:
 	if (lstat(path, &sb)) {
 		mbfd = open(path,
@@ -250,11 +254,31 @@
 			warn("chown %u.%u: %s", pw->pw_uid, pw->pw_gid, name);
 			return;
 		}
+
+		/*
+		 * Now that the box is created and permissions are
+		 * correct, we close it and go back to the top so that
+		 * we will come in and write as the user.  We don't
+		 * seteuid() before the above open, because we have to
+		 * be root/bin to write in /var/mail.
+		 */
+
+                close(mbfd);
+                goto tryagain;
+
 	} else if (sb.st_nlink != 1 || S_ISLNK(sb.st_mode)) {
 		e_to_sys(errno);
 		warn("%s: linked file", path);
 		return;
 	} else {
+
+		/* Become the user, so quota enforcement will occur */
+
+		if (seteuid(pw->pw_uid) != 0) {
+			warn("Unable to seteuid()");
+			return; 
+		}
+
 		mbfd = open(path, O_APPEND|O_WRONLY, 0);
 		if (mbfd != -1 &&
 		    (fstat(mbfd, &fsb) || fsb.st_nlink != 1 ||
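Review bot: The new `seteuid(pw->pw_uid)` failure branch returns after `warn("Unable to seteuid()")` without calling `e_to_sys(errno)` and without naming the uid or the errno, unlike the open and close failure paths visible elsewhere in this diff. If the exit status is derived from e_to_sys (not visible here), a failed privilege switch could be reported to the caller as a normal delivery; I would write `e_to_sys(errno);` followed by `warn("seteuid(%u): %s", pw->pw_uid, strerror(errno));`. Only the effective uid is changed, so the open still runs with the original effective gid and group list, which deserves a line in the "Become the user" comment if it is intended. The added `close(mbfd); goto tryagain;` lines are indented with spaces rather than tabs, and the function body starts and ends outside this hunk.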
@@ -262,6 +286,7 @@
 		    sb.st_ino != fsb.st_ino)) {
 			warn("%s: file changed after open", path);
 			(void)close(mbfd);
+			seteuid(saveeuid); 
 			return;
 		}
 	}
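Review bot: The return value of `seteuid(saveeuid)` is ignored here and at every other restore site the patch adds (the `mbfd == -1` path, the `err1` label, the failed `close(mbfd)` path, and the success path before `notifybiff`). If a restore fails, the process keeps running under the recipient's effective uid, and any later work that expects the saved identity would fail or run under the wrong one; whether the function is entered more than once per process is not visible in this diff. I would check it at each site, e.g. `if (seteuid(saveeuid) != 0) warn("seteuid(%u): %s", saveeuid, strerror(errno));`, or route every exit after the switch through one cleanup label so the restore exists in a single place. The enclosing function starts and ends outside this hunk.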
@@ -269,6 +294,8 @@
 	if (mbfd == -1) {
 		e_to_sys(errno);
 		warn("%s: %s", path, strerror(errno));
+		seteuid(saveeuid);
+
 		return;
 	}
 
@@ -279,10 +306,10 @@
 		goto err1;
 	}
 
+	curoff = lseek(mbfd, (off_t)0, SEEK_END);
+
 	if (!nobiff) {
-		/* Get the starting offset of the new message for biff. */
-		curoff = lseek(mbfd, (off_t)0, SEEK_END);
-		(void)snprintf(biffmsg, sizeof(biffmsg), "%s@%qd\n",
+		(void)snprintf(biffmsg, sizeof(biffmsg), "%s@%qd\n", 
 			       name, curoff);
 	}
 
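Review bot: `curoff = lseek(mbfd, (off_t)0, SEEK_END);` is now unconditional, but its result is still unchecked and the comment that explained it was removed. Because `err2` in a later hunk passes `curoff` to `ftruncate()`, a failed lseek (-1) would make the rollback of a partial write fail silently; consider `if (curoff == (off_t)-1) { e_to_sys(errno); warn("%s: %s", path, strerror(errno)); goto err1; }`. A replacement comment such as `/* Starting offset of the new message: used for biff and for truncating on error. */` would record why the call no longer sits inside the `!nobiff` branch. The re-added snprintf line also gains trailing whitespace.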
@@ -304,6 +331,7 @@
 		warn("temporary file: %s", strerror(errno));
 err2:		(void)ftruncate(mbfd, curoff);
 err1:		(void)close(mbfd);
+		seteuid(saveeuid);
 		return;
 	}
 
@@ -320,8 +348,11 @@
 	if (close(mbfd)) {
 		e_to_sys(errno);
 		warn("%s: %s", path, strerror(errno));
+		seteuid(saveeuid);
 		return;
 	}
+
+	seteuid(saveeuid);
 
 	if (!nobiff)
 		notifybiff(biffmsg);

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)


