summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--maildrop.c31
-rw-r--r--pop3d.c9
-rw-r--r--pop3d.h3
3 files changed, 16 insertions, 27 deletions
diff --git a/maildrop.c b/maildrop.c
index 634fa3f..85aa32a 100644
--- a/maildrop.c
+++ b/maildrop.c
@@ -48,7 +48,7 @@ static size_t expand(char *, const char *, size_t, struct passwd *);
static struct mdrop m;
-void
+pid_t
maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
int type, const char *path)
{
@@ -61,21 +61,13 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
mode_t old_mask;
int fd, flags, res = -1;
- if (seteuid(pw->pw_uid) < 0)
- fatal("cannot lower privileges");
+ if ((pid = fork()) != 0)
+ return (pid);
- pid = fork();
- if (seteuid(0) < 0)
- fatal("cannot restore privileges");
-
- if (pid < 0)
- fatal("maildrop: fork");
-
- if (pid > 0)
- return;
-
- if (seteuid(pw->pw_uid) < 0)
- fatal("cannot lower privileges");
+ if (setgroups(1, &pw->pw_gid) ||
+ setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+ setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+ fatal("cannot drop privileges");
close(pair[0]);
setproctitle("maildrop");
@@ -101,14 +93,6 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
}
umask(old_mask);
- if (seteuid(0) < 0)
- fatal("cannot restore privileges");
-
- if (setgroups(1, &pw->pw_gid) ||
- setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
- setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
- fatal("cannot drop privileges");
-
event_init();
signal_set(&ev_sigint, SIGINT, sig_handler, NULL);
signal_set(&ev_sigterm, SIGTERM, sig_handler, NULL);
@@ -144,6 +128,7 @@ expand(char *dst, const char *src, size_t dst_sz, struct passwd *pw)
size_t i = 0, r;
int c;
+ memset(dst, 0, dst_sz);
while ((c = *src++)) {
if (i >= dst_sz)
break;
diff --git a/pop3d.c b/pop3d.c
index 56c8047..77cbfa0 100644
--- a/pop3d.c
+++ b/pop3d.c
@@ -170,9 +170,14 @@ authenticate(struct imsgev *iev, struct imsg *imsg)
if ((pw = getpwnam(req->user)) == NULL)
fatalx("authenticate: getpwnam");
- maildrop_init(imsg->hdr.peerid, pair, pw, mtype, mpath);
- close(pair[1]);
+ if (maildrop_init(imsg->hdr.peerid, pair, pw, mtype, mpath) == -1) {
+ logit(LOG_INFO, "%u: unable to fork maildrop process",
+ imsg->hdr.peerid);
+ pair[0] = -1;
+ goto end;
+ }
+ close(pair[1]);
end:
imsgev_xcompose(iev, IMSG_AUTH, imsg->hdr.peerid, 0,
pair[0], NULL, 0, "authenticate");
diff --git a/pop3d.h b/pop3d.h
index 3035795..8573648 100644
--- a/pop3d.h
+++ b/pop3d.h
@@ -158,8 +158,7 @@ int session_cmp(struct session *, struct session *);
SPLAY_PROTOTYPE(session_tree, session, entry, session_cmp);
/* maildrop.c */
-void maildrop_init(uint32_t, int [2], struct passwd *,
- int, const char *);
+pid_t maildrop_init(uint32_t, int [2], struct passwd *, int, const char *);
/* util.c */
void set_nonblocking(int);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 14:07:53 +0000