[INN-COMMITTERS] STABLE-2_3 inn/innfeed (misc.c)

Forrest J. Cavalier III mibsoft at epix.net
Fri Jun 30 05:21:07 UTC 2000

I wrote:

> I'd like someone to show me where that could happen.  I mean the
> inndstart wrapper script had the July 1999 defect fix, and therefore
> will read only a news-owned inn.conf, and innfeed.conf, right?

After a quick look at the code, apparently not fixed the
way I thought.  I forgot how the July 1999 hole was fixed.

Untrusted non-user-news data can get into many places in innd
and innfeed (which are setuid programs) through the configuration
file, which can be changed via an environment variable.

Can we finally fix ReadInnConf?  ReadInnConf should take an argument
which is the uid of what a setuid root program will eventually
drop to, and it should refuse to read any configuration file
owned or writable by any other uid.  Sound good?

More information about the inn-workers mailing list