diff options
| author | Nikolaus Schulz <microschulz@web.de> | 2007-11-02 20:26:40 +0000 |
|---|---|---|
| committer | Nikolaus Schulz <microschulz@web.de> | 2007-11-02 20:26:40 +0000 |
| commit | b2f94206b1d0de36af7688f8139302db94982cae (patch) | |
| tree | cf04cf2f9e50ff68548584d5d666abf9ced921f6 | |
| parent | dfec62850e88efad255fe450378b39dc6efd848a (diff) | |
| download | archivemail-b2f94206b1d0de36af7688f8139302db94982cae.tar.gz archivemail-b2f94206b1d0de36af7688f8139302db94982cae.tar.bz2 archivemail-b2f94206b1d0de36af7688f8139302db94982cae.zip | |
Deprecate the old automatic seteuid feature; document this in the manpage and
changelog, and let archivemail spit a warning when it changes the effective user
id.
| -rw-r--r-- | CHANGELOG | 2 | ||||
| -rwxr-xr-x | archivemail.py | 2 | ||||
| -rw-r--r-- | archivemail.sgml | 6 |
3 files changed, 10 insertions, 0 deletions
@@ -17,6 +17,8 @@ Version 0.7.1 - UNRELEASED Closes: #981865, #988803, #1764851, Debian bug #434798 * If running as root, only switch the effective uid and gid back if we have actually switched them before. Closes: #1762907 + * The automatic seteuid feature of archivemail is insecure and thus + deprecated; it will be removed from later versions. Version 0.7.0 - 2 November 2006 * Fixed long options --filter-append and --pwfile to accept their arguments. diff --git a/archivemail.py b/archivemail.py index 170f5a8..d0e1578 100755 --- a/archivemail.py +++ b/archivemail.py @@ -1132,6 +1132,8 @@ def archive(mailbox_name): os.setegid(mailbox_group) vprint("changing effective user id to: %d" % mailbox_user) os.seteuid(mailbox_user) + user_warning("changing effective user id: this automatic feature " + "is deprecated and will be removed from later versions.") old_temp_dir = tempfile.tempdir try: diff --git a/archivemail.sgml b/archivemail.sgml index 8efef1a..3ce582e 100644 --- a/archivemail.sgml +++ b/archivemail.sgml @@ -100,6 +100,12 @@ See below for more <application/IMAP/ peculiarities. <Command/archivemail/ has some support for being run as the root user on user mailboxes. When running as root, it will &seteuid; to the owner of the mailbox it is reading, creating any archive files as that user. +<emphasis>Warning:</emphasis> +<!-- I would like to have a <warning> here, but the dsssl stylesheet thinks a + warning need be decorated with a graphic. *sigh* I won't start hacking + dsssl because of this. --> + this automatic seteuid feature is insecure and deprecated. + It will be removed from later versions of <command/archivemail/. </Para> </RefSect1> |