[Mimedefang] mimedefang does not change UID on FreeBSD 4.5/4.6
Martin Matuska
matuska at wu-wien.ac.at
Tue May 28 09:17:14 EDT 2002
I am using mimedefang 2.12 on FreeBSD 4.5/4.6
Mimedefang works well but I have the following security problem:
mimedefang-multiplexor process does change its uid and sock owner if the -U
flag is specified, so everything ok.
mimedefang does not - it remains root even if -U is specified.
If I add the following patch, mimedefang does change uid, but the path to
sockfile has to point into a directory
that is writable and readable by the specified user.
Is there a way to solve this problem differently?
Thank you.
diff -bur ../orig/mimedefang.c ./mimedefang.c
--- ../orig/mimedefang.c Fri May 24 03:11:38 2002
+++ ./mimedefang.c Fri May 24 03:11:53 2002
@@ -1590,6 +1590,14 @@
free(pidfile);
}
+ /* Drop privileges */
+ if (user) {
+ if (drop_privs(user, pw->pw_uid, pw->pw_gid) < 0) {
+ exit(EXIT_FAILURE);
+ }
+ free(user);
+ }
+
chdir("/");
(void) closelog();
closefiles();
More information about the MIMEDefang
mailing list