inn.conf: Support for `newsuser', `newsgrp' options (patch is, hopefully, included)
Ivan Shmakov
oneingray at gmail.com
Fri Dec 14 14:49:19 UTC 2007
>>>>> Julien ÉLIE <julien at trigofacile.com> writes:
>>> Ecartis does all sorts of fascinating things to messages for no
>>> particularly good reasons.
>> Oh, now I see, it strips MIME attachments, too!
> Yes, that's true. I think it is the ml inn-patches [A.T.] isc.org
> which does not strip such attachments.
Is it available from Gmane?
>> I've actually have written some code already. Could you take a look
>> at it?
> That looks like a very good start.
> But shouldn't ensure_news_user_grp() also be factorised in
> frontends/rnews.c, innd/innd.c, nnrpd/nnrpd.c, storage/ovdb/ovdb.c
> and storage/tradindexed/tdx-util.c? I see the same patterns in these
> files.
Surely.
>> There's an issue with get_news_uid_gid () -- it assumes innconf !=
>> NULL (i. e., `inn.conf' was read.) However, when `inndstart' is
>> started ``setuid root'', it's way more secure to read `inn.conf'
>> /after/ dropping privileges (as it's done now.) So,
>> get_news_uid_gid () should contain a fallback, like:
>> const char *newsuser = innconf != 0 ? innconf->newsuser : NEWSUSER;
>> const char *newsgrp = innconf != 0 ? innconf->newsgrp : NEWSGRP;
>> to be used in `inndstart'.
> It is a bit different in INN 2.5 since inndstart is no longer used:
> backends/innbind is now starting everything and it will not change
> users. So perhaps get_news_uid_gid() should not be used there and
> the code kept intact (?)
> /* If we're running privileged (effective and real UIDs are different),
> convert NEWSUSER to a UID and exit if run by another user. Don't do
> this if we're not running privileged to make installations that don't
> need privileged ports easier and to make testing easier. */
> real_uid = getuid();
> if (real_uid != geteuid()) {
Looks like `ensure_news_user (0)' will fit there, like:
-> pwd = getpwnam(NEWSUSER);
-> if (pwd == NULL)
-> die("cannot get UID for %s", NEWSUSER);
-> if (real_uid != pwd->pw_uid)
-> if (real_uid != news_uid)
-> die("must be run by user %s (%lu), not %lu", NEWSUSER,
-> (unsigned long) pwd->pw_uid, (unsigned long) real_uid);
+ ensure_news_user (0);
> }
Provided that get_news_uid_gid () (on top of which
ensure_news_user () is implemented) is corrected as suggested
above.
>> There may be other issues with the code, so I'd ask not to apply
>> these patches right now. However, I'll appreciate any comments on
>> them.
> Well, I am not an expert so I do not have many comments on that (I
> believe other people here will provide you with wise remarks).
Thanks for reading the code, anyway.
[...]
> + char *newsuser; /* User to run under */
> + char *newsgrp; /* Group to run under */
> It should be detabify for INN's coding style ;-) But it does not
> matter much.
Yes, I've spotted that, too.
> Well, here are a few remaining and easy patches (and
> doc/pod/inn.conf.pod should also be updated):
[...]
Thanks!
More information about the inn-workers
mailing list