d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Last time I trust 'sucess's on a non-context diff...

Browse Source 
Pointed out by: Bill Fenner <fenner@parc.xerox.com>
This commit is contained in:
Marc G. Fournier 1996-10-22 22:52:37 +00:00
parent 6713d4a747
commit 59faa42d9d
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=19114
1 changed files with 23 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
libexec/mail.local/mail.local.c
View File

@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: mail.local.c,v 1.7 1996/09/22 21:54:07 wosch Exp $
* $Id: mail.local.c,v 1.8 1996/10/22 21:01:01 scrappy Exp $
*/
#ifndef lint
@ -197,13 +197,13 @@ void
deliver(fd, name, nobiff)
int fd, nobiff;
char *name;
uid_t saveeuid;
{
struct stat fsb, sb;
struct passwd *pw;
int mbfd, nr, nw, off;
char biffmsg[100], buf[8*1024], path[MAXPATHLEN];
off_t curoff;
uid_t saveeuid;
/*
* Disallow delivery to unknown names -- special mailboxes can be
@ -233,8 +233,6 @@ deliver(fd, name, nobiff)
* If we created the mailbox, set the owner/group. If that fails,
* just return. Another process may have already opened it, so we
* can't unlink it. Historically, binmail set the owner/group at
saveeuid=geteuid();
* each mail delivery. We no longer do this, assuming that if the
* ownership or permissions were changed there was a reason.
@ -242,6 +240,8 @@ deliver(fd, name, nobiff)
* XXX
* open(2) should support flock'ing the file.
*/
saveeuid=geteuid();
tryagain:
if (lstat(path, &sb)) {
mbfd = open(path,
@ -249,6 +249,14 @@ deliver(fd, name, nobiff)
if (mbfd == -1) {
if (errno == EEXIST)
goto tryagain;
} else if (fchown(mbfd, pw->pw_uid, pw->pw_gid)) {
e_to_sys(errno);
warn("chown %u.%u: %s", pw->pw_uid, pw->pw_gid, name);
return;
}
/* Now that the box is created and permissions are correct, we
close it and go back to the top so that we will come in
and write as the user. We dont seteuid() before the above
@ -257,12 +265,11 @@ deliver(fd, name, nobiff)
close(mbfd);
goto tryagain;
goto tryagain;
} else if (fchown(mbfd, pw->pw_uid, pw->pw_gid)) {
e_to_sys(errno);
warn("chown %u.%u: %s", pw->pw_uid, pw->pw_gid, name);
return;
} else if (sb.st_nlink != 1 || S_ISLNK(sb.st_mode)) {
e_to_sys(errno);
warn("%s: linked file", path);
return;
} else {
/* Become the user, so quota enforcement will occur */
if(seteuid(pw->pw_uid) != 0) {
@ -270,22 +277,15 @@ deliver(fd, name, nobiff)
return;
}
}
} else if (sb.st_nlink != 1 || S_ISLNK(sb.st_mode)) {
e_to_sys(errno);
warn("%s: linked file", path);
return;
} else {
mbfd = open(path, O_APPEND|O_WRONLY, 0);
seteuid(saveeuid);
if (mbfd != -1 &&
(fstat(mbfd, &fsb) || fsb.st_nlink != 1 ||
S_ISLNK(fsb.st_mode) || sb.st_dev != fsb.st_dev ||
sb.st_ino != fsb.st_ino)) {
warn("%s: file changed after open", path);
(void)close(mbfd);
seteuid(saveeuid);
return;
seteuid(saveeuid);
}
}
@ -294,6 +294,7 @@ deliver(fd, name, nobiff)
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
return;
seteuid(saveeuid);
}
/* Wait until we can get a lock on the file. */
@ -327,19 +328,16 @@ deliver(fd, name, nobiff)
if (nr < 0) {
e_to_sys(errno);
warn("temporary file: %s", strerror(errno));
seteuid(saveeuid);
err2: (void)ftruncate(mbfd, curoff);
err1: (void)close(mbfd);
seteuid(saveeuid);
return;
}
#ifndef DONT_FSYNC
/* Flush to disk, don't wait for update. */
seteuid(saveeuid);
if (fsync(mbfd)) {
e_to_sys(errno);
seteuid(saveeuid);
warn("%s: %s", path, strerror(errno));
goto err2;
}
@ -349,9 +347,12 @@ err1: (void)close(mbfd);
if (close(mbfd)) {
e_to_sys(errno);
warn("%s: %s", path, strerror(errno));
seteuid(saveeuid);
return;
}
seteuid(saveeuid);
if (!nobiff)
notifybiff(biffmsg);
}