diff options
| author | bwarsaw | 1998-06-01 19:38:42 +0000 |
|---|---|---|
| committer | bwarsaw | 1998-06-01 19:38:42 +0000 |
| commit | d6910ae78f3806d963a5c664980601a853671d4e (patch) | |
| tree | 105eb9b7dad68a50d7a9a9ba624e3c42eaef8424 /src | |
| parent | b340341ccc0523eb3f37f342419691d77ced44e9 (diff) | |
| download | mailman-d6910ae78f3806d963a5c664980601a853671d4e.tar.gz mailman-d6910ae78f3806d963a5c664980601a853671d4e.tar.zst mailman-d6910ae78f3806d963a5c664980601a853671d4e.zip | |
Diffstat (limited to 'src')
| -rw-r--r-- | src/cgi-wrapper.c | 8 | ||||
| -rw-r--r-- | src/common.c | 9 | ||||
| -rw-r--r-- | src/common.h | 2 | ||||
| -rw-r--r-- | src/mail-wrapper.c | 12 |
4 files changed, 13 insertions, 18 deletions
diff --git a/src/cgi-wrapper.c b/src/cgi-wrapper.c index 6d45e4004..3ff2543b7 100644 --- a/src/cgi-wrapper.c +++ b/src/cgi-wrapper.c @@ -24,12 +24,12 @@ /* passed in by configure */ #define SCRIPTNAME SCRIPT #define LOG_IDENT "Mailman cgi-wrapper (" ## SCRIPT ## ")" -#define LEGAL_PARENT_UID CGI_UID /* nobody's UID */ -#define LEGAL_PARENT_GID CGI_GID /* nobody's GID */ + +/* GID that CGI scripts run as. See your Web server's documentation. */ +#define LEGAL_PARENT_GID CGI_GID const char* logident = LOG_IDENT; const char* script = SCRIPTNAME; -const int parentuid = LEGAL_PARENT_UID; const int parentgid = LEGAL_PARENT_GID; @@ -38,7 +38,7 @@ main(int argc, char** argv, char** env) { int status; - check_caller(logident, parentuid, parentgid); + check_caller(logident, parentgid); /* if we get here, the caller is OK */ status = setuid(geteuid()); diff --git a/src/common.c b/src/common.c index 9e5b5137a..ca64c4e1d 100644 --- a/src/common.c +++ b/src/common.c @@ -56,15 +56,8 @@ fatal(const char* ident, const char* format, ...) /* Is the parent process allowed to call us? */ void -check_caller(const char* ident, uidt parentuid, gid_t parentgid) +check_caller(const char* ident, gid_t parentgid) { - /* compare to our parent's uid */ - if (parentuid != getuid()) { - fatal(ident, - "Failure to exec script. WANTED uid %d, GOT uid %d. " - "(Reconfigure to take %d?)", - parentuid, getuid(), getuid()); - } if (parentgid != getgid()) { fatal(ident, "Failure to exec script. WANTED gid %d, GOT gid %d. " diff --git a/src/common.h b/src/common.h index a72a4c258..3fbcde846 100644 --- a/src/common.h +++ b/src/common.h @@ -27,5 +27,5 @@ #include <unistd.h> void fatal(const char*, const char*, ...); -void check_caller(const char*, uid_t, gid_t); +void check_caller(const char*, gid_t); int run_script(const char*, int, char**, char**); diff --git a/src/mail-wrapper.c b/src/mail-wrapper.c index 1c5390ee9..ce2853c3b 100644 --- a/src/mail-wrapper.c +++ b/src/mail-wrapper.c @@ -20,11 +20,13 @@ #include "common.h" -/* TBD: Should make these arrays too?... */ -#define LEGAL_PARENT_UID MAIL_UID /* mail's UID */ -#define LEGAL_PARENT_GID MAIL_GID /* mail's GID */ +/* TBD: Should make this an array too?... */ + +/* GID that your sendmail runs filter programs as. See you sendmail.cf + * documentation for details + */ +#define LEGAL_PARENT_GID MAIL_GID -const int parentuid = LEGAL_PARENT_UID; const int parentgid = LEGAL_PARENT_GID; const char* logident = "Mailman mail-wrapper"; @@ -90,7 +92,7 @@ main(int argc, char** argv, char** env) if (!check_command(argv[1])) fatal(logident, "Illegal command: %s", argv[1]); - check_caller(logident, parentuid, parentgid); + check_caller(logident, parentgid); /* If we got here, everything must be OK */ status = setuid(geteuid()); |