summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/cgi-wrapper.c101
1 files changed, 58 insertions, 43 deletions
diff --git a/src/cgi-wrapper.c b/src/cgi-wrapper.c
index 40a623654..f62fe9e7b 100644
--- a/src/cgi-wrapper.c
+++ b/src/cgi-wrapper.c
@@ -3,17 +3,18 @@
** variable, and pass it to two commands.
**
** 10-17-96 : Hal Schechner
-** 12-14-96 : John Viega -- changed to work on 1 command,
-** take a list of valid commands,
-** just pass on argv, and use execvp()
-** Also threw in some useful feedback for when there's
-** a failure, mainly for future debugging.
**
-** 03-31-98 : John Viega -- Consolidated all CGI wrappers into 1,
-** removed checking the command name, (it was
-** not real security anyway...) and changed it to use
-** syslog on error. This definitely doesn't have any of
-** Hal's code left ;-)
+** 12-14-96 : John Viega -- changed to work on 1 command, take a list of
+** valid commands, just pass on argv, and use
+** execvp() Also threw in some useful feedback for
+** when there's a failure, mainly for future
+** debugging.
+**
+** 03-31-98 : John Viega -- Consolidated all CGI wrappers into 1, removed
+** checking the command name, (it was not real
+** security anyway...) and changed it to use
+** syslog on error. This definitely doesn't have
+** any of Hal's code left ;-)
**
*/
#include <stdio.h>
@@ -23,53 +24,67 @@
#define COMMAND "/home/mailman/mailman/cgi/" ## SCRIPT
#define LOG_IDENT "Mailman-wrapper (" ## SCRIPT ## ")"
-const int LEGAL_PARENT_UID = 60001; /* nobody's UID */
-const int LEGAL_PARENT_GID = 60001; /* nobody's GID */
+const int LEGAL_PARENT_UID = 60001; /* nobody's UID */
+const int LEGAL_PARENT_GID = 60001; /* nobody's GID */
/*
** Report an error then exit.
*/
-void err(char *format, ...)
+void
+err(char *format, ...)
{
- char log_entry[1024];
+ char log_entry[1024];
- va_list arg_ptr;
- va_start(arg_ptr, format);
- vsprintf(log_entry, format, arg_ptr);
- va_end(arg_ptr);
+ va_list arg_ptr;
+ va_start(arg_ptr, format);
+ vsprintf(log_entry, format, arg_ptr);
+ va_end(arg_ptr);
- // Write to the console, maillog is often mostly ignored,
- // and root should definitely know about any problems.
- openlog(LOG_IDENT, LOG_CONS, LOG_MAIL);
- syslog(LOG_ERR, "%s", log_entry);
- closelog();
- exit(0);
+ /* Write to the console, maillog is often mostly ignored, and root
+ * should definitely know about any problems.
+ */
+ openlog(LOG_IDENT, LOG_CONS, LOG_MAIL);
+ syslog(LOG_ERR, "%s", log_entry);
+ closelog();
+ exit(0);
}
+
/*
** is the parent process allowed to call us?
*/
-void check_caller() {
- /* compare to our parent's uid */
- if(LEGAL_PARENT_UID != getuid())
- {
- err("Attempt to exec cgi %d made by uid %d", LEGAL_PARENT_UID,
- getuid());
- }
- if(LEGAL_PARENT_GID != getgid())
- {
- err("Attempt to exec cgi %d made by gid %d", LEGAL_PARENT_GID,
- getgid());
- }
+void
+check_caller()
+{
+ /* compare to our parent's uid */
+ if (LEGAL_PARENT_UID != getuid()) {
+ err("Attempt to exec cgi %d made by uid %d",
+ LEGAL_PARENT_UID,
+ getuid());
+ }
+ if (LEGAL_PARENT_GID != getgid()) {
+ err("Attempt to exec cgi %d made by gid %d",
+ LEGAL_PARENT_GID,
+ getgid());
+ }
}
-int main(int argc, char **argv, char **env)
+
+int
+main(int argc, char **argv, char **env)
{
- int i;
+ int i;
- check_caller();
- // If we get here, the caller is OK.
- setuid(geteuid());
- execve(COMMAND, &argv[0], env);
- err("execve of %s failed!", COMMAND);
+ check_caller();
+ /* If we get here, the caller is OK. */
+ setuid(geteuid());
+ execve(COMMAND, &argv[0], env);
+ err("execve of %s failed!", COMMAND);
}
+
+
+/*
+ * Local Variables:
+ * c-file-style: "python"
+ * End:
+ */
generated by cgit v1.2.3-70-g09d2 (git 2.51.2) at 2025-11-08 22:57:35 +0000