#include <sys/ioctl.h>
#include <fcntl.h>
+/* Hopefully, grp.h declares initgroups(). If we run into a platform
+ where it doesn't, we could consider declaring it here as well. */
+#include <grp.h>
+
/* This define is needed for Berkeley db v2 and above to
* make the header file expose the 'historical' ndbm APIs.
* We define it unconditionally because this is simple and
main (int argc, char **argv)
{
int fd, status;
- FILE *fp = stdin;
+ FILE *fp;
char *cp, *mdlvr = NULL, buf[BUFSIZ];
char mailbox[BUFSIZ], tmpfil[BUFSIZ];
char **argp, **arguments;
adios (NULL, "no such local user as %s", user);
if (chdir (pw->pw_dir) == -1)
- chdir ("/");
+ if (chdir ("/") < 0) {
+ advise ("/", "chdir");
+ }
umask (0077);
+ if (geteuid() == 0) {
+ if (setgid (pw->pw_gid) != 0) {
+ adios ("setgid", "unable to set group to %ld", (long) pw->pw_gid);
+ }
+ initgroups (pw->pw_name, pw->pw_gid);
+ if (setuid (pw->pw_uid) != 0) {
+ adios ("setuid", "unable to set user to %ld", (long) pw->pw_uid);
+ }
+ }
+
if (info == NULL)
info = "";
/* child process */
if (fd != 0)
dup2 (fd, 0);
- freopen ("/dev/null", "w", stdout);
- freopen ("/dev/null", "w", stderr);
+ if (freopen ("/dev/null", "w", stdout) == NULL) {
+ advise ("stdout", "freopen");
+ }
+ if (freopen ("/dev/null", "w", stderr) == NULL) {
+ advise ("stderr", "freopen");
+ }
if (fd != 3)
dup2 (fd, 3);
closefds (4);
rewind (in);
for (;;) {
+ int failed_to_lock = 0;
int bufsz = sizeof buf;
state = m_getfld (&gstate, name, buf, &bufsz, in);
switch (state) {
* This will fail if your Maildelivery file doesn't
* exist.
*/
- if ((lockfd = lkopendata(file, O_RDWR, 0)) == -1) {
+ if ((lockfd = lkopendata(file, O_RDWR, 0, &failed_to_lock))
+ == -1) {
advise (file, "unable to perform file locking on");
free (cp);
fclose (in);
projects / nmh / blobdiff