INN commit: trunk (4 files)
INN Commit
rra at isc.org
Sun Jan 10 14:58:43 UTC 2016
Date: Sunday, January 10, 2016 @ 06:58:42
Author: iulius
Revision: 9980
rnews: fix a segfault while starting setuid news
It is a regression introduced with commit [9854]. Previously, rnews
called get_news_uid_gid() that handled the possibility of inn.conf
not having been read. Since that commit, rnews has been calling
ensure_news_user() that does not handle that case.
Especially, when --enable-uucp-rnews was used at configure time, the
effective UID returned by geteuid() was not root, and rnews segfaulted.
Thanks to Marcus Jodorf for the bug report.
Modified:
trunk/CONTRIBUTORS
trunk/doc/pod/news.pod
trunk/frontends/rnews.c
trunk/lib/newsuser.c
-------------------+
CONTRIBUTORS | 2 +-
doc/pod/news.pod | 5 +++++
frontends/rnews.c | 9 ++++++++-
lib/newsuser.c | 9 ++++++---
4 files changed, 20 insertions(+), 5 deletions(-)
Modified: CONTRIBUTORS
===================================================================
--- CONTRIBUTORS 2015-12-11 20:40:29 UTC (rev 9979)
+++ CONTRIBUTORS 2016-01-10 14:58:42 UTC (rev 9980)
@@ -276,5 +276,5 @@
Edmund H. Ramm, Raphael Barrois, Bo Lindbergh, Matthias Meyser,
Dennis Preiser, Paolo Amoroso, Dennis Davis, River Tarnell, Jochen Schmitt,
Tim Fardell, Remco Rijnders, David Binderman, Tony Evans, Christian Garbs,
-Jesse Rehmer, Colin Watson, Lauri Tirkkonen, Christian Mock,
+Jesse Rehmer, Colin Watson, Lauri Tirkkonen, Christian Mock, Marcus Jodorf,
Richard Kettlewell
Modified: doc/pod/news.pod
===================================================================
--- doc/pod/news.pod 2015-12-11 20:40:29 UTC (rev 9979)
+++ doc/pod/news.pod 2016-01-10 14:58:42 UTC (rev 9980)
@@ -21,6 +21,11 @@
=item *
+B<rnews> no longer segfaults at startup when started setuid news.
+Thanks to Marcus Jodorf for the bug report.
+
+=item *
+
When an encryption layer is negotiated during a successful use of the
STARTTLS command, or after a successful authentication using a SASL
mechanism which negotiates an encryption layer, B<nnrpd> now updates
Modified: frontends/rnews.c
===================================================================
--- frontends/rnews.c 2015-12-11 20:40:29 UTC (rev 9979)
+++ frontends/rnews.c 2016-01-10 14:58:42 UTC (rev 9980)
@@ -861,7 +861,14 @@
other setups where rnews might be setuid news or be run by other
processes in the news group. */
if (getuid() == 0 || geteuid() == 0) {
- ensure_news_user(true);
+ uid_t uid;
+
+ /* Do not use ensure_news_user() because it will fail to deal
+ * with the case of rnews being setuid news. */
+ get_news_uid_gid(&uid, false, true);
+ if (setuid(uid) < 0) {
+ sysdie("failed to setuid");
+ }
}
if (!innconf_read(NULL))
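Review bot: The `setuid(uid)` call added under `if (getuid() == 0 || geteuid() == 0)` does not guarantee a full privilege drop in the case the new comment names. When rnews is setuid news and is started by root, the real UID is 0 but the effective UID is not. POSIX specifies that setuid() called without appropriate privileges changes only the effective UID, so on systems that follow that rule the real UID stays 0. Suggest checking after the call that `getuid() == uid && geteuid() == uid` and dying otherwise, or adding a comment that says why a remaining real UID of 0 is acceptable here. The two boolean arguments in `get_news_uid_gid(&uid, false, true)` would also benefit from a short comment naming what each one selects.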
Modified: lib/newsuser.c
===================================================================
--- lib/newsuser.c 2015-12-11 20:40:29 UTC (rev 9979)
+++ lib/newsuser.c 2016-01-10 14:58:42 UTC (rev 9980)
@@ -69,7 +69,8 @@
if (geteuid() == 0) {
if (! may_setuid) {
/* NB: mustn't be run as root, unless "may_setuid" is true. */
- die("must be run as %s, not as root", innconf->runasuser);
+ die("must be run as %s, not as root",
+ innconf != NULL ? innconf->runasuser : RUNASUSER);
}
if (setuid(uid) < 0) {
sysdie("failed to setuid");
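Review bot: The `innconf != NULL` guard added to the `die("must be run as %s, not as root", ...)` call has no comment saying when innconf can be NULL at this point. The rnews.c change in this same commit stops calling ensure_news_user(), so a one-line comment naming the callers that can arrive here before innconf_read() would tell readers whether this is a live path or defensive hardening.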
@@ -76,7 +77,8 @@
}
}
if (geteuid() != uid || getuid() != uid) {
- die("must be run as %s", innconf->runasuser);
+ die("must be run as %s",
+ innconf != NULL ? innconf->runasuser : RUNASUSER);
}
}
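Review bot: The expression `innconf != NULL ? innconf->runasuser : RUNASUSER` in this `die("must be run as %s", ...)` call is the same one added a few lines earlier in the root check. Computing the name once into a local `const char *`, or in a small static helper, would keep the two messages from drifting apart and make a later call site harder to get wrong.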
@@ -95,7 +97,8 @@
}
}
if (getegid() != gid || getgid() != gid) {
- die ("must be run as %s group", innconf->runasgroup);
+ die ("must be run as %s group",
+ innconf != NULL ? innconf->runasgroup : RUNASGROUP);
}
}
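Review bot: Style point on the rewritten `die ("must be run as %s group", ...)` call: it keeps the space before the parenthesis, while the two user-ID messages changed in this file use `die(`. Since the line is being touched anyway, normalizing it to `die(` would keep the file consistent.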