From 1587e4153763fab493acf2deee9028e24e1da57f Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Sun, 2 Aug 1998 16:30:25 +0000
Subject: Improved security.

svn path=/trunk/; revision=2032
---
 NEWS         |  3 ++-
 acconfig.h   |  7 +++++++
 configure.in |  2 +-
 fetchmail.c  | 18 ++++++++++++++++++
 4 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 0b028c05..8e9a1040 100644
--- a/NEWS
+++ b/NEWS
@@ -6,8 +6,9 @@ fetchmail-4.5.5 ():
 * Kent Robotti sent an updated version of fetchsetup.
 * Fixed the spam-block code that I broke in 4.5.3 :-(.
 * Updated the entry on setting up sendmail spam blocks.
+* Added setrlimit call to inhibit core dumps unless debugging is on.
 
-There are 260 people on fetchmail-friends and 252 on fetchmail-announce.
+There are 257 people on fetchmail-friends and 255 on fetchmail-announce.
 
 fetchmail-4.5.4 (Sat Jul 25 10:25:14 EDT 1998):
 * Fixed processing of --antispam option.
diff --git a/acconfig.h b/acconfig.h
index 2e6d8630..78bb273a 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -47,6 +47,9 @@
 /* Define if you have on_exit */
 #undef HAVE_ON_EXIT
 
+/* Define if you have setrlimit */
+#undef HAVE_SETRLIMIT
+
 /* Compute an appropriate directory for PID lock files */
 #undef PID_DIR
 
@@ -78,8 +81,12 @@
 
 /* Define if you want network security support compiled in */
 #undef NET_SECURITY
+
+/* Define if you want GSSAPI authentication */
+#undef GSSAPI
 
 /* Leave that blank line there!!  Autoheader needs it.
    If you're adding to this file, keep in mind:
    The entries are in sort -df order: alphabetical, case insensitive,
    ignoring punctuation (such as underscores).  */
+
diff --git a/configure.in b/configure.in
index e819034b..c50b64e3 100644
--- a/configure.in
+++ b/configure.in
@@ -85,7 +85,7 @@ AC_SUBST(EXTRAOBJ)
 
 AC_CHECK_FUNCS(tcsetattr stty setsid seteuid gethostbyname res_search herror \
   strrchr strerror setlinebuf syslog snprintf vprintf vsnprintf vsyslog \
-  atexit inet_aton strftime)
+  atexit inet_aton strftime setrlimit)
 
 # Under Red Hat 4.0 (and many other Linuxes) -lresolv is seriously flaky
 # and breaks gethostbyname(2).  It's better to use the bind stuff in the C
diff --git a/fetchmail.c b/fetchmail.c
index 1d549eb5..bc841b28 100644
--- a/fetchmail.c
+++ b/fetchmail.c
@@ -30,6 +30,9 @@
 #include <sys/time.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#ifdef HAVE_SETRLIMIT
+#include <sys/resource.h>
+#endif /* HAVE_SETRLIMIT */
 #ifdef HAVE_SYS_WAIT_H
 #include <sys/wait.h>
 #endif
@@ -336,6 +339,21 @@ int main (int argc, char **argv)
     strcat (netrc_file, "/.netrc");
     netrc_list = parse_netrc(netrc_file);
 
+#ifdef HAVE_SETRLIMIT
+    /*
+     * Before getting passwords, disable core dumps unless -v -d0 mode is on.
+     * Core dumps could otherwise contain passwords to be scavenged by a
+     * cracker.
+     */
+    if (outlevel < O_VERBOSE || run.poll_interval > 0)
+    {
+	struct rlimit corelimit;
+	corelimit.rlim_cur = 0;
+	corelimit.rlim_max = 0;
+	setrlimit(RLIMIT_CORE, &corelimit);
+    }
+#endif /* HAVE_SETRLIMIT */
+
     /* pick up interactively any passwords we need but don't have */ 
     for (ctl = querylist; ctl; ctl = ctl->next)
 	if (ctl->active && !(implicitmode && ctl->server.skip)&&!ctl->password)
-- 
cgit v1.2.3