aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2007-12-26 14:18:17 +0000
committerMatthias Andree <matthias.andree@gmx.de>2007-12-26 14:18:17 +0000
commitd723cc008d7793334260e6ac0d7412ce13e1cf29 (patch)
tree982df8d876b94ba70beef2ce6d21f185620454ec
parenta87edc0f180fcfbdc6548352b93619ae3031e545 (diff)
downloadfetchmail-d723cc008d7793334260e6ac0d7412ce13e1cf29.tar.gz
fetchmail-d723cc008d7793334260e6ac0d7412ce13e1cf29.tar.bz2
fetchmail-d723cc008d7793334260e6ac0d7412ce13e1cf29.zip
.fetchmailrc/.fetchids may now be symlinks, Debian Bug#452907 (Roger Leigh).
svn path=/branches/BRANCH_6-3/; revision=5144
Diffstat
-rw-r--r--NEWS3
-rw-r--r--TODO.txt3
-rw-r--r--rcfile_y.y2
3 files changed, 5 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index a5c4e4e8..ac45db7d 100644
--- a/NEWS
+++ b/NEWS
@@ -66,6 +66,9 @@ fetchmail 6.3.9 (not yet released):
* No longer complain about invalid sslproto "" when POP3 CAPA probe fails.
Fixes Debian Bug#421446 (Holger Leskien), Novell Bug #247233 (Jon Nelson).
Thanks to Matthias Strauß for a configuration to reproduce the issue.
+* Allow .fetchmailrc and .fetchids to be symlinks, as the manpage does not
+ document they aren't allowed - fixes Debian Bug #452907 (Roger Leigh).
+ TOCTOU race persists.
# CHANGES:
* Removed dead FETCHMAIL_DEBUG code from fetchmail.h that was disabled by
diff --git a/TODO.txt b/TODO.txt
index c54e788e..4be71f67 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -6,8 +6,6 @@ soon - MUST:
Earl Chew, 2007-07-30T02:28)
- publish SA-2007-02 after release
- Peter O'Gorman 2007-10-31 fetchmail-6.3.8 portability patches [-devel list]
-- Debian Bug #452907 .fetchmailrc not permitted to be a symlink
- (restriction not mentioned in manpage, also affects .idfile)
soon - SHOULD:
- BerliOS Bug #11576, thread on fetchmail users "Invalid SSL certificate" by
@@ -18,6 +16,7 @@ soon - SHOULD:
- add To: header to warning mails (authfail for instance)
- Debian Bug#449179, smbutil.c:90: unicodeToString: Assertion `len+1 < sizeof
buf' failed, from Stepan Golosunov <stepan@golosunov.pp.ru>
+- Fix TOCTOU race around prc_filecheck*
soon - MAY:
- https://bugzilla.novell.com/show_bug.cgi?id=246829 - fetchmail lost some mail
diff --git a/rcfile_y.y b/rcfile_y.y
index 266f480d..300fcc7f 100644
--- a/rcfile_y.y
+++ b/rcfile_y.y
@@ -404,7 +404,7 @@ int prc_filecheck(const char *pathname,
process, it must have permissions no greater than 600, and it must not
be a symbolic link. We check these conditions here. */
- if (lstat(pathname, &statbuf) < 0) {
+ if (stat(pathname, &statbuf) < 0) {
if (errno == ENOENT)
return(PS_SUCCESS);
else {
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-13 21:53:59 +0000