diff options
| -rw-r--r-- | NEWS | 6 | ||||
| -rw-r--r-- | configure.in | 2 | ||||
| -rw-r--r-- | driver.c | 19 | ||||
| -rw-r--r-- | fetchmail.man | 3 |
4 files changed, 26 insertions, 4 deletions
@@ -6,7 +6,7 @@ features -- * POP3 UID support really works now. I make rude noises at the POP3 mavens who forced us to this with RFC1725, but thank Al Longyear <longyear@sii.com> - for fixing and verifying my slightly buggy implemntation. + for fixing and verifying my slightly buggy implementation. * Kerberos support ditto. Thanks to Chris Hanson <cph@martigny.mit.edu> for this feature. @@ -22,6 +22,10 @@ features -- * You may use C-like escapes to embed non-printables in passwords and other strings. Fetchmail -V will display them in a printable form. +* Program now tries to set itself to the ID of the local user before + running an MDA, and reset to root afterwards. This will work on + any system with seteuid(2), including Linux and the BSDs. + bugs -- * Default user name to deliver to is now the calling user, unless diff --git a/configure.in b/configure.in index d9a0aa55..736068cd 100644 --- a/configure.in +++ b/configure.in @@ -61,7 +61,7 @@ dnl All AC_CHECK_FUNCs must precede the following AC_SUBSTs AC_SUBST(EXTRASRC) AC_SUBST(EXTRAOBJ) -AC_CHECK_FUNCS(tcsetattr stty setsid rresvport) +AC_CHECK_FUNCS(tcsetattr stty setsid seteuid rresvport) dnl AC_FUNC_SETVBUF_REVERSED @@ -652,8 +652,25 @@ struct method *proto; /* protocol method table */ /* open the delivery pipe now if we're using an MDA */ if (queryctl->mda[0]) - if ((mboxfd = openmailpipe(queryctl)) < 0) + { +#ifdef HAVE_SETEUID + /* + * Arrange to run with user's permissions if we're root. + * This will initialize the ownership of any files the + * MDA creates properly. (The seteuid call is available + * under all BSDs and Linux) + */ + seteuid(queryctl->uid); +#endif /* HAVE_SETEUID */ + mboxfd = openmailpipe(queryctl); +#ifdef HAVE_SETEUID + /* this will fail quietly if we didn't start as root */ + seteuid(0); +#endif /* HAVE_SETEUID */ + + if (mboxfd < 0) goto cleanUp; + } /* read the message and ship it to the output sink */ ok = gen_readmsg(socket, mboxfd, diff --git a/fetchmail.man b/fetchmail.man index 15df5fb8..f60574e7 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -74,7 +74,8 @@ Some possible MDAs are "/usr/sbin/sendmail -oem %s", "/usr/lib/sendmail -oem %s", "/usr/bin/formail", and "/usr/bin/deliver %s" (if the MDA command contains %s, that escape will be expanded into your username on the client -machine). +machine). If \fIfetchmail\fR is running as root, it sets its userid to +that of the target user while delivering mail through an MDA. .TP .B \-F, --flush POP3/IMAP only. Delete old (previously retrieved) messages from the mailserver |