inn.conf: Support for `newsuser', `newsgrp' options (patch is, hopefully, included)
Ivan Shmakov
oneingray at gmail.com
Sat Dec 22 03:43:31 UTC 2007
>>>>> Julien ÉLIE <julien at trigofacile.com> writes:
>>> Looks like `ensure_news_user (0)' will fit there, like:
>> ensure_news_user setuids to the news user, which is the wrong thing
>> to do for innbind. It needs to continue running as root and just
>> needs to check that its real UID is the same as the news user (for
>> security reasons).
However, ensure_news_user () checks EUID, and not UID, so yes,
it's unsuitable there.
> Oh, you're right. I have just adapted the patch to:
[...]
> /* If we're running privileged (effective and real UIDs are different),
> - convert NEWSUSER to a UID and exit if run by another user. Don't do
> + convert newsuser to a UID and exit if run by another user. Don't do
> this if we're not running privileged to make installations that don't
> need privileged ports easier and to make testing easier. */
> real_uid = getuid();
> if (real_uid != geteuid()) {
> - pwd = getpwnam(NEWSUSER);
> - if (pwd == NULL)
> - die("cannot get UID for %s", NEWSUSER);
> - if (real_uid != pwd->pw_uid)
> - die("must be run by user %s (%lu), not %lu", NEWSUSER,
> - (unsigned long) pwd->pw_uid, (unsigned long) real_uid);
> + get_news_uid_gid(&uid, 0, 1);
> + if (real_uid != uid) {
> + die("must be run by newsuser (%lu), not %lu",
> + (unsigned long) uid, (unsigned long) real_uid);
> + }
> }
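Review bot: The removed `if (pwd == NULL) die(...)` check is replaced by the bare call `get_news_uid_gid(&uid, 0, 1);`, whose result is not tested in this hunk. The comparison `real_uid != uid` is therefore only sound if that function itself exits when the account lookup fails. If it can return without setting uid, the check compares against an indeterminate value in the branch that runs privileged. Please confirm that the third argument requests die-on-failure behaviour, or test the return value before the comparison. Two smaller points: the new die() message prints the literal word "newsuser" where the old one printed the account name, so the administrator no longer sees which account is expected; and if the second parameter is a pointer, NULL reads better than 0.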
> And it works well!
It seems to be the right thing.