[3786] in bugtraq
sendmail 8.8.4/initgroups--the way it ought to be
daemon@ATHENA.MIT.EDU (Michael Douglass)
Thu Dec 12 03:00:45 1996
Date: Wed, 11 Dec 1996 16:14:59 -0600
Reply-To: Michael Douglass <mikedoug@texas.net>
From: Michael Douglass <mikedoug@texas.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
RCS file: RCS/conf.c,v
retrieving revision 1.1
diff -c -r1.1 conf.c
*** conf.c 1996/12/11 22:04:37 1.1
--- conf.c 1996/12/11 22:06:47
***************
*** 4275,4280 ****
--- 4275,4293 ----
#endif
}
/*
+ ** SM_INITGROUPS -- wrapper for initgroups
+ */
+ int sm_initgroups(uid,gid)
+ UID_T uid;
+ GID_T gid;
+ {
+ struct passwd *pw;
+ pw = sm_getpwuid(uid);
+ if( !pw )
+ return( -1 );
+ return( initgroups( pw->pw_name, gid ) );
+ }
+ /*
** SM_GETPW{NAM,UID} -- wrapper for getpwnam and getpwuid
*/
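Review bot: When `sm_getpwuid(uid)` returns NULL, sm_initgroups returns -1 without touching the supplementary group list, so a RunAsUid with no passwd entry keeps whatever groups the process inherited. The header comment should state that contract, for example `Returns: 0 on success, -1 if uid has no passwd entry or initgroups() fails; the group list is left unchanged on failure.`, and should also describe the two parameters. Where the platform provides setgroups(), the `!pw` branch could reduce the list to just `gid` before returning, so the inherited groups are shed even without a user name to look up.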
===================================================================
RCS file: RCS/main.c,v
retrieving revision 1.1
diff -c -r1.1 main.c
*** main.c 1996/12/11 21:58:08 1.1
--- main.c 1996/12/11 22:03:06
***************
*** 806,811 ****
--- 806,813 ----
if (OpMode != MD_DAEMON && OpMode != MD_FGDAEMON)
{
/* drop privileges -- daemon mode done after socket/bind */
+ if (RunAsUid != 0)
+ (void) sm_initgroups(RunAsUid,RunAsGid);
if (RunAsGid != 0)
(void) setgid(RunAsGid);
if (RunAsUid != 0)
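Review bot: The result of `sm_initgroups(RunAsUid,RunAsGid)` is thrown away with `(void)`, so if the passwd lookup or initgroups() fails the process continues with its inherited supplementary groups while the primary ids are lowered. That is the situation this patch is meant to remove. The call should be tested, `if (RunAsUid != 0 && sm_initgroups(RunAsUid, RunAsGid) < 0)`, with a branch that logs the failure and exits rather than running on with the old group list. The same applies to the identical addition in the second main.c hunk (new lines 1320-1327). The `setgid` call in the context lines is unchecked in the same way. The privilege-drop block continues past the end of both hunks, so the set-uid step is not visible here.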
***************
*** 1318,1323 ****
--- 1320,1327 ----
nullserver = getrequests(CurEnv);
/* drop privileges */
+ if (RunAsUid != 0)
+ (void) sm_initgroups(RunAsUid,RunAsGid);
if (RunAsGid != 0)
(void) setgid(RunAsGid);
if (RunAsUid != 0)
===================================================================
RCS file: RCS/sendmail.h,v
retrieving revision 1.1
diff -c -r1.1 sendmail.h
*** sendmail.h 1996/12/11 22:03:30 1.1
--- sendmail.h 1996/12/11 22:07:48
***************
*** 1365,1370 ****
--- 1365,1371 ----
extern int releasesignal __P((int));
extern struct hostent *sm_gethostbyname __P((char *));
extern struct hostent *sm_gethostbyaddr __P((char *, int, int));
+ extern int sm_initgroups __P((UID_T, GID_T));
extern struct passwd *sm_getpwnam __P((char *));
extern struct passwd *sm_getpwuid __P((UID_T));
extern struct passwd *finduser __P((char *, bool *));
Michael Douglass
Texas Networking, Inc.
"The past is a foreign country; they do things differently there."
L. P. Hartley, British author. The Go-Between, Prologue (1953).