From: Christian Laursen (xiborderworlds.dk)
Date: Tue Nov 02 2004 - 07:18:17 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have default_privs set to nobody.

I have some mail sent to an external command that needs write access
to some files that also need to be written by another user.

I then made a group and placed both nobody and the other user in it.
The other user can write the files without problems, but the external
program called from postfix can't.

I looked at the sources and made the following change:

--- src/util/set_ugid.c.orig Tue Nov 2 13:24:14 2004
+++ src/util/set_ugid.c Tue Nov 2 13:38:58 2004
-45,14 +45,16
 void set_ugid(uid_t uid, gid_t gid)
 {
     int saved_errno = errno;
+ char user[15];
 
     if (geteuid() != 0)
         if (seteuid(0) < 0)
             msg_fatal("seteuid(0): %m");
     if (setgid(gid) < 0)
         msg_fatal("setgid(%ld): %m", (long) gid);
- if (setgroups(1, &gid) < 0)
- msg_fatal("setgroups(1, &%ld): %m", (long) gid);
+ snprintf(user, sizeof(user), "%ld", uid);
+ if (initgroups(user, gid) < 0)
+ msg_fatal("initgroups(%s, &%ld): %m", user, (long) gid);
     if (setuid(uid) < 0)
         msg_fatal("setuid(%ld): %m", (long) uid);
     if (msg_verbose > 1)

With that change it works exactly as I expect it to do.

Now I wonder why the behaviour is not like that originally.

Is it intentionally that only the base gid is put in the group
list?

If that is the case wouldn't it be a good idea with a configuration
directive to get my behaviour?

Thanks in advance.

--
Christian Laursen

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]