[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ZCONFIG patch

To: zmailer@nic.funet.fi
Subject: ZCONFIG patch
From: Eugene Crosser <crosser@rol.ru>
Date: 11 Jul 2002 18:05:37 +0400
Original-Recipient: rfc822;zmailer-log@nic.funet.fi
Sender: zmailer-owner@nic.funet.fi

Something like this?

Index: libc/getzenv.c
===================================================================
RCS file: /cvsroot/zmailer/libc/getzenv.c,v
retrieving revision 1.5
diff -u -r1.5 getzenv.c
--- libc/getzenv.c      2001/01/15 15:12:04     1.5
+++ libc/getzenv.c      2002/07/11 14:02:02
@@ -27,13 +27,35 @@
 static char *zenviron = NULL;
 static int zenvlen = 0;

-int
-readzenv(file)
-       const char *file;
+static int readzenv __((void));
+
+static int
+readzenv(void)
 {
+       char *file;
        int fd;
        struct stat stbuf;

+       if ((file=getenv("ZCONFIG"))) {
+         if (getuid() != geteuid()) {
+           if (access(file,W_OK) == 0) {
+             fprintf(stderr, "attempt to use config file %s that is "
+                               "writable by the invoker of setuid "
+                               "program prevented! (uid=%d, euid=%d)\n",
+               file,getuid(),geteuid());
+             file=ZMAILER_ENV_FILE;
+           }
+           if (access(file,R_OK) != 0) {
+             fprintf(stderr, "attempt to use config file %s that is "
+                               "not readable by the invoker of setuid "
+                               "program prevented! (uid=%d, euid=%d)\n",
+               file,getuid(),geteuid());
+             file=ZMAILER_ENV_FILE;
+           }
+         }
+       } else
+         file=ZMAILER_ENV_FILE;
+
        fd = open(file, 0);
        if (fd < 0) {
          fprintf(stderr, "%s: open: %s: %s\n",
@@ -86,7 +108,7 @@

        len = zenvlen;
        if (len <= 0) {
-         if (!readzenv(ZMAILER_ENV_FILE))
+         if (!readzenv())
            return NULL;
          len = zenvlen;
          if (len <= 0)
Index: include/libc.h
===================================================================
RCS file: /cvsroot/zmailer/include/libc.h,v
retrieving revision 1.11
diff -u -r1.11 libc.h
--- include/libc.h      2002/02/11 15:12:10     1.11
+++ include/libc.h      2002/07/11 14:02:02
@@ -24,7 +24,6 @@
 extern int getdtablesize __((void));

 /* getzenv.c */
-extern int         readzenv __((const char *file));
 extern const char *getzenv  __((const char *variable));

 /* mail.c */
Index: include/mail.h.in
===================================================================
RCS file: /cvsroot/zmailer/include/mail.h.in,v
retrieving revision 1.11
diff -u -r1.11 mail.h.in
--- include/mail.h.in   2001/07/29 18:21:39     1.11
+++ include/mail.h.in   2002/07/11 14:02:02
@@ -87,7 +87,6 @@
 /* These following are declared in order they are in prespective files */

 /* getzenv.c */
-extern int         readzenv __((const char *file));
 extern const char *getzenv  __((const char *variable));

 /* mail.c */
Index: proto/zmailer.sh.in
===================================================================
RCS file: /cvsroot/zmailer/proto/zmailer.sh.in,v
retrieving revision 1.18
diff -u -r1.18 zmailer.sh.in
--- proto/zmailer.sh.in 2001/10/16 20:29:23     1.18
+++ proto/zmailer.sh.in 2002/07/11 14:02:02
@@ -35,7 +35,8 @@
 fi
 FLAGS="defaults 50"

-ZCONFIG=@ZMAILERCFGFILE@
+ZCONFIG=${ZCONFIG:-@ZMAILERCFGFILE@}
+export ZCONFIG

 # Sense how the  echo  works, it is either, or..
 # There are POSIX echos, SysV echos, BSD echos...


-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi

Prev by Date: Re: getzenv() to use (unix) environment ZCONFIG
Next by Date: Re: getzenv() to use (unix) environment ZCONFIG
Prev by thread: Re: getzenv() to use (unix) environment ZCONFIG
Next by thread: smtp busylooping
Index(es):
- Date
- Thread