masqmail

annotate src/permissions.c @ 411:9b93c0a3bd8c

Ensure lvals, rvals and components of address structs are stripped.
author markus schnalke <meillo@marmaro.de>
date Wed, 29 Feb 2012 12:06:33 +0100
parents 41958685480d
meillo@367 1 /*
meillo@367 2 ** MasqMail
meillo@367 3 ** Copyright (C) 2000 Oliver Kurth
meillo@367 4 ** Copyright (C) 2010 markus schnalke <meillo@marmaro.de>
meillo@367 5 **
meillo@367 6 ** This program is free software; you can redistribute it and/or modify
meillo@367 7 ** it under the terms of the GNU General Public License as published by
meillo@367 8 ** the Free Software Foundation; either version 2 of the License, or
meillo@367 9 ** (at your option) any later version.
meillo@367 10 **
meillo@367 11 ** This program is distributed in the hope that it will be useful,
meillo@367 12 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
meillo@367 13 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
meillo@367 14 ** GNU General Public License for more details.
meillo@367 15 **
meillo@367 16 ** You should have received a copy of the GNU General Public License
meillo@367 17 ** along with this program; if not, write to the Free Software
meillo@367 18 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
meillo@0 19 */
meillo@0 20
meillo@0 21 #include <pwd.h>
meillo@0 22 #include <grp.h>
meillo@0 23
meillo@15 24 #include "masqmail.h"
meillo@15 25
meillo@0 26 /* is there really no function in libc for this? */
/*
** Report whether the user `uid' is a member of the group `gid'.
**
** Returns TRUE if `gid' is the user's primary group (pw_gid) or if the
** user's login name is listed in the group's member list (gr_mem).
** Returns FALSE otherwise, including when either the group or the user
** cannot be looked up.
**
** The result is used by is_privileged_user() for an authorization
** decision, so a failed lookup denies membership rather than granting it.
** Note that the group lookup is tested first: a user whose primary gid
** equals `gid' is still reported as not in the group if getgrgid() finds
** no entry for it.
**
** getgrgid() and getpwuid() return pointers into storage owned by libc;
** nothing is freed here and the pointers are not kept after return.
*/
gboolean
is_ingroup(uid_t uid, gid_t gid)
{
	struct group *grp = getgrgid(gid);
	struct passwd *pw = getpwuid(uid);
	char **member;

	/* unknown group or unknown user: never a member */
	if (!grp || !pw) {
		return FALSE;
	}

	/* primary group */
	if (pw->pw_gid == gid) {
		return TRUE;
	}

	/* secondary groups: gr_mem is a NULL-terminated list of login names */
	for (member = grp->gr_mem; *member; member++) {
		if (strcmp(pw->pw_name, *member) == 0) {
			return TRUE;
		}
	}
	return FALSE;
}
meillo@0 52
/*
** Decide whether `uid' may perform privileged mail tasks.
**
** A user is privileged if it is root (uid 0), if it is the configured
** mail user (conf.mail_uid), or if it is a member of the configured mail
** group (conf.mail_gid) according to is_ingroup().
**
** Returns TRUE for a privileged user, FALSE otherwise.
*/
gboolean
is_privileged_user(uid_t uid)
{
	/*
	** To trust members of the `uucp' group as well, enable:
	**
	**	struct group *grent = getgrnam("uucp");
	**
	**	if (grent && is_ingroup(uid, grent->gr_gid)) {
	**		return TRUE;
	**	}
	**
	** getgrnam() returns NULL when the group does not exist, hence the
	** guard before grent->gr_gid is read.
	*/

	if (uid == 0) {
		return TRUE;
	}
	if (uid == conf.mail_uid) {
		return TRUE;
	}
	/* the group lookup is the expensive check, so it comes last */
	return is_ingroup(uid, conf.mail_gid) ? TRUE : FALSE;
}
meillo@0 66
/*
** Switch the effective user and group id of the process.
**
** uid, gid:  the effective ids to switch to
** old_uid:   if not NULL, receives the effective uid in use before the call
** old_gid:   if not NULL, receives the effective gid in use before the call
**
** The process first tries to regain effective uid 0, then sets the group
** id, then the user id. The group is changed first because the right to
** change it may be gone once the effective uid is no longer 0.
**
** If setegid() or seteuid() to the requested id fails, an alert is logged
** and the process exits with status 1; the function never returns with
** the switch only half done.
**
** Only the effective ids are changed (seteuid/setegid). The real and
** saved ids and the supplementary group list are not touched here, so
** this is a temporary switch, not a permanent drop of privileges.
*/
void
set_euidgid(gint uid, gint gid, uid_t *old_uid, gid_t *old_gid)
{
	const char *reason;

	if (old_uid) {
		*old_uid = geteuid();
	}
	if (old_gid) {
		*old_gid = getegid();
	}

	/*
	** NOTE(review): the result of this call is not checked. A failure
	** here only becomes visible if one of the two calls below fails
	** as well -- presumably intentional for unprivileged runs; confirm.
	*/
	(void) seteuid(0);

	if (setegid(gid) != 0) {
		reason = strerror(errno);
		logwrite(LOG_ALERT, "could not change gid to %d: %s\n", gid, reason);
		exit(1);
	}
	if (seteuid(uid) != 0) {
		reason = strerror(errno);
		logwrite(LOG_ALERT, "could not change uid to %d: %s\n", uid, reason);
		exit(1);
	}
}
meillo@0 86
/*
** Take on the mail identity for a privileged task.
**
** old_uid:    the uid of the invoking user, checked for authorization
** task_name:  name of the task, used only in the error message
**
** Does nothing when conf.run_as_user is set. Otherwise the invoking user
** must pass is_privileged_user(); if not, a message is printed to stderr
** and the process exits with status 1. On success the effective ids are
** switched to conf.mail_uid and conf.mail_gid via set_euidgid().
**
** NOTE(review): the message names DEF_MAIL_USER and DEF_MAIL_GROUP while
** the check itself uses conf.mail_uid and conf.mail_gid -- confirm that
** these always refer to the same user and group.
*/
void
set_identity(uid_t old_uid, gchar *task_name)
{
	if (conf.run_as_user) {
		return;
	}

	/* authorize before any id is changed */
	if (!is_privileged_user(old_uid)) {
		fprintf(stderr, "must be root, %s or in group %s for %s.\n", DEF_MAIL_USER, DEF_MAIL_GROUP, task_name);
		exit(1);
	}

	set_euidgid(conf.mail_uid, conf.mail_gid, NULL, NULL);
}