masqmail: src/permissions.c annotate

annotate src/permissions.c @ 0:08114f7dcc23 0.2.21

this is masqmail-0.2.21 from oliver kurth

author	meillo@marmaro.de
date	Fri, 26 Sep 2008 17:05:23 +0200
parents
children	26e34ae9a3e3

rev	line source
0 08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	1 /* MasqMail
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	2 Copyright (C) 2000 Oliver Kurth
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	3
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	4 This program is free software; you can redistribute it and/or modify
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	5 it under the terms of the GNU General Public License as published by
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	6 the Free Software Foundation; either version 2 of the License, or
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	7 (at your option) any later version.
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	8
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	9 This program is distributed in the hope that it will be useful,
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	10 but WITHOUT ANY WARRANTY; without even the implied warranty of
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	12 GNU General Public License for more details.
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	13
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	14 You should have received a copy of the GNU General Public License
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	15 along with this program; if not, write to the Free Software
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	16 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	17 */
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	18
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	19 #include "masqmail.h"
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	20 #include <pwd.h>
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	21 #include <grp.h>
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	22
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	23 /* is there really no function in libc for this? */
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	24 gboolean is_ingroup(uid_t uid, gid_t gid)
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	25 {
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	26 struct group *grent = getgrgid(gid);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	27
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	28 if(grent){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	29 struct passwd *pwent = getpwuid(uid);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	30 if(pwent){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	31 char *entry;
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	32 int i = 0;
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	33 while((entry = grent->gr_mem[i++])){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	34 if(strcmp(pwent->pw_name, entry) == 0)
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	35 return TRUE;
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	36 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	37 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	38 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	39 return FALSE;
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	40 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	41
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	42 gboolean is_privileged_user(uid_t uid)
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	43 {
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	44 return (uid == 0) \|\| (uid == conf.mail_uid) \|\| (is_ingroup(uid, conf.mail_gid));
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	45 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	46
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	47 void set_euidgid(gint uid, gint gid, uid_t old_uid, gid_t old_gid)
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	48 {
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	49 if(old_uid) *old_uid = geteuid();
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	50 if(old_gid) *old_gid = getegid();
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	51
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	52 seteuid(0);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	53
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	54 if(setegid(gid) != 0){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	55 logwrite(LOG_ALERT, "could not change gid to %d: %s\n",
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	56 gid, strerror(errno));
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	57 exit(EXIT_FAILURE);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	58 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	59 if(seteuid(uid) != 0){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	60 logwrite(LOG_ALERT, "could not change uid to %d: %s\n",
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	61 uid, strerror(errno));
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	62 exit(EXIT_FAILURE);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	63 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	64 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	65
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	66 void set_identity(uid_t old_uid, gchar *task_name)
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	67 {
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	68 if(!conf.run_as_user){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	69 if(!is_privileged_user(old_uid)){
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	70 fprintf(stderr,
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	71 "must be root, %s or in group %s for %s.\n",
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	72 DEF_MAIL_USER, DEF_MAIL_GROUP, task_name);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	73 exit(EXIT_FAILURE);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	74 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	75
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	76 set_euidgid(conf.mail_uid, conf.mail_gid, NULL, NULL);
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	77 }
08114f7dcc23 this is masqmail-0.2.21 from oliver kurth meillo@marmaro.de parents: diff changeset	78 }

Mercurial > masqmail

annotate src/permissions.c @ 0:08114f7dcc23 0.2.21