annotate src/child.c @ 331:e507c854a63e
Security fix! Correct handling of seteuid() return value
See Debian bug #638002, reported by John Lightsey.
When possible the (already available) set_euidgid() function is used.
Additionally, it is unnecessary to change the identity when writing
into an already open file descriptor.
This should fix the problem.
author |
markus schnalke <meillo@marmaro.de> |
date |
Sat, 27 Aug 2011 16:19:07 +0200 |
parents |
98cda87105a7 |
children |
b27f66555ba8 |
rev |
line source |
meillo@0
|
1 /* child.c, Copyright (C) 2000 by Oliver Kurth,
|
meillo@0
|
2 *
|
meillo@0
|
3 * This program is free software; you can redistribute it and/or modify
|
meillo@0
|
4 * it under the terms of the GNU General Public License as published by
|
meillo@0
|
5 * the Free Software Foundation; either version 2 of the License, or
|
meillo@0
|
6 * (at your option) any later version.
|
meillo@10
|
7 *
|
meillo@0
|
8 * This program is distributed in the hope that it will be useful,
|
meillo@0
|
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
meillo@0
|
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
meillo@0
|
11 * GNU General Public License for more details.
|
meillo@0
|
12 *
|
meillo@0
|
13 * You should have received a copy of the GNU General Public License
|
meillo@0
|
14 * along with this program; if not, write to the Free Software
|
meillo@0
|
15 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
meillo@0
|
16 */
|
meillo@0
|
17
|
meillo@0
|
18 #include <errno.h>
|
meillo@0
|
19 #include <stdio.h>
|
meillo@0
|
20 #include <stdlib.h>
|
meillo@0
|
21 #include <unistd.h>
|
meillo@0
|
22 #include <signal.h>
|
meillo@0
|
23 #include <sys/types.h>
|
meillo@0
|
24 #include <sys/socket.h>
|
meillo@0
|
25 #include <syslog.h>
|
meillo@0
|
26 #include <string.h>
|
meillo@0
|
27
|
meillo@0
|
28 #include "masqmail.h"
|
meillo@0
|
29
|
meillo@0
|
30
|
meillo@10
|
31 int
|
meillo@10
|
32 child(const char *command)
|
meillo@0
|
33 {
|
meillo@10
|
34 int pipe[2];
|
meillo@0
|
35
|
meillo@10
|
36 if (socketpair(AF_UNIX, SOCK_STREAM, 0, pipe) == 0) {
|
meillo@10
|
37 pid_t pid;
|
meillo@0
|
38
|
meillo@10
|
39 pid = fork();
|
meillo@10
|
40 if (pid == 0) {
|
meillo@10
|
41 int i, max_fd = sysconf(_SC_OPEN_MAX);
|
meillo@10
|
42 /* child */
|
meillo@10
|
43 dup2(pipe[0], 0);
|
meillo@10
|
44 dup2(pipe[0], 1);
|
meillo@10
|
45 dup2(pipe[0], 2);
|
meillo@0
|
46
|
meillo@10
|
47 if (max_fd <= 0)
|
meillo@10
|
48 max_fd = 64;
|
meillo@10
|
49 for (i = 3; i < max_fd; i++)
|
meillo@10
|
50 close(i);
|
meillo@10
|
51
|
meillo@10
|
52 {
|
meillo@10
|
53 char *argv[] = { "/bin/sh", "-c", (char *) command, NULL };
|
meillo@10
|
54 execve(*argv, argv, NULL);
|
meillo@10
|
55 }
|
meillo@10
|
56 logwrite(LOG_ALERT, "execve failed: %s\n", strerror(errno));
|
meillo@262
|
57 _exit(1);
|
meillo@10
|
58 } else if (pid == -1) {
|
meillo@10
|
59 return -1;
|
meillo@10
|
60 } else {
|
meillo@10
|
61 close(pipe[0]);
|
meillo@10
|
62 return pipe[1];
|
meillo@10
|
63 }
|
meillo@10
|
64 }
|
meillo@10
|
65 return -2;
|
meillo@0
|
66 }
|