aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNikolaus Schulz <microschulz@web.de>2007-11-02 20:26:40 +0000
committerNikolaus Schulz <microschulz@web.de>2007-11-02 20:26:40 +0000
commitb2f94206b1d0de36af7688f8139302db94982cae (patch)
treecf04cf2f9e50ff68548584d5d666abf9ced921f6
parentdfec62850e88efad255fe450378b39dc6efd848a (diff)
downloadarchivemail-b2f94206b1d0de36af7688f8139302db94982cae.tar.gz
archivemail-b2f94206b1d0de36af7688f8139302db94982cae.tar.bz2
archivemail-b2f94206b1d0de36af7688f8139302db94982cae.zip
Deprecate the old automatic seteuid feature; document this in the manpage and
changelog, and let archivemail spit a warning when it changes the effective user id.
-rw-r--r--CHANGELOG2
-rwxr-xr-xarchivemail.py2
-rw-r--r--archivemail.sgml6
3 files changed, 10 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 65a2155..df24916 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -17,6 +17,8 @@ Version 0.7.1 - UNRELEASED
Closes: #981865, #988803, #1764851, Debian bug #434798
* If running as root, only switch the effective uid and gid back if we have
actually switched them before. Closes: #1762907
+ * The automatic seteuid feature of archivemail is insecure and thus
+ deprecated; it will be removed from later versions.
Version 0.7.0 - 2 November 2006
* Fixed long options --filter-append and --pwfile to accept their arguments.
diff --git a/archivemail.py b/archivemail.py
index 170f5a8..d0e1578 100755
--- a/archivemail.py
+++ b/archivemail.py
@@ -1132,6 +1132,8 @@ def archive(mailbox_name):
os.setegid(mailbox_group)
vprint("changing effective user id to: %d" % mailbox_user)
os.seteuid(mailbox_user)
+ user_warning("changing effective user id: this automatic feature "
+ "is deprecated and will be removed from later versions.")
old_temp_dir = tempfile.tempdir
try:
diff --git a/archivemail.sgml b/archivemail.sgml
index 8efef1a..3ce582e 100644
--- a/archivemail.sgml
+++ b/archivemail.sgml
@@ -100,6 +100,12 @@ See below for more <application/IMAP/ peculiarities.
<Command/archivemail/ has some support for being run as the root user on
user mailboxes. When running as root, it will &seteuid; to the owner of the
mailbox it is reading, creating any archive files as that user.
+<emphasis>Warning:</emphasis>
+<!-- I would like to have a <warning> here, but the dsssl stylesheet thinks a
+ warning need be decorated with a graphic. *sigh* I won't start hacking
+ dsssl because of this. -->
+ this automatic seteuid feature is insecure and deprecated.
+ It will be removed from later versions of <command/archivemail/.
</Para>
</RefSect1>