inn.conf: Support for `newsuser', `newsgrp' options (patch is, hopefully, included)

Ivan Shmakov oneingray at gmail.com
Sat Dec 22 03:17:06 UTC 2007


>>>>> Russ Allbery <rra at stanford.edu> writes:

 >>> It is a bit different in INN 2.5 since inndstart is no longer used:
 >>> backends/innbind is now starting everything and it will not change
 >>> users.  So perhaps get_news_uid_gid() should not be used there and
 >>> the code kept intact (?)

 >>> /* If we're running privileged (effective and real UIDs are different),
 >>>    convert NEWSUSER to a UID and exit if run by another user.  Don't do
 >>>    this if we're not running privileged to make installations that don't
 >>>    need privileged ports easier and to make testing easier. */

[...]

 >> Looks like `ensure_news_user (0)' will fit there, like:

 > ensure_news_user setuids to the news user, which is the wrong thing to do
 > for innbind.  It needs to continue running as root and just needs to check
 > that its real UID is the same as the news user (for security reasons).

	Not exactly.  Its signature is:

void ensure_news_user (int may_setuid_p);

	When MAY_SETUID_P is false it doesn't try to setuid ().



More information about the inn-workers mailing list