You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by si...@apache.org on 2007/07/23 11:49:37 UTC
svn commit: r558676 - in /spamassassin/branches/3.1:
lib/Mail/SpamAssassin/Util.pm spamd/spamd.raw
Author: sidney
Date: Mon Jul 23 02:49:36 2007
New Revision: 558676
URL: http://svn.apache.org/viewvc?view=rev&rev=558676
Log:
bug 5518: spamd gets error: setrgid() not implemented when run as root with -u nobody on MacOS
Modified:
spamassassin/branches/3.1/lib/Mail/SpamAssassin/Util.pm
spamassassin/branches/3.1/spamd/spamd.raw
Modified: spamassassin/branches/3.1/lib/Mail/SpamAssassin/Util.pm
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.1/lib/Mail/SpamAssassin/Util.pm?view=diff&rev=558676&r1=558675&r2=558676
==============================================================================
--- spamassassin/branches/3.1/lib/Mail/SpamAssassin/Util.pm (original)
+++ spamassassin/branches/3.1/lib/Mail/SpamAssassin/Util.pm Mon Jul 23 02:49:36 2007
@@ -1283,21 +1283,11 @@
if ($< != $touid) {
dbg("util: changing real uid from $< to match effective uid $touid");
- $< = $touid; # try the simple method first
+ # bug 3586: kludges needed to work around platform dependent behavior assigning to $<
+ # The POSIX functions deal with that so just use it here
+ POSIX::setuid($touid);
- # bug 3586: Some perl versions, typically those on a BSD-based
- # platform, require RUID==EUID (and presumably == 0) before $<
- # can be changed. So this is a kluge for us to get around the
- # typical spamd-ish behavior of: $< = 0, $> = someuid ...
- if ( $< != $touid ) {
- dbg("util: initial attempt to change real uid failed, trying BSD workaround");
-
- $> = $<; # revert euid to ruid
- $< = $touid; # change ruid to target
- $> = $touid; # change euid back to target
- }
-
- # Check that we have now accomplished the setuid
+ # Check that we have now accomplished the setuid: catch bug 3586 if it comes back
if ($< != $touid) {
# keep this fatal: it's a serious security problem if it fails
die "util: setuid $< to $touid failed!";
Modified: spamassassin/branches/3.1/spamd/spamd.raw
URL: http://svn.apache.org/viewvc/spamassassin/branches/3.1/spamd/spamd.raw?view=diff&rev=558676&r1=558675&r2=558676
==============================================================================
--- spamassassin/branches/3.1/spamd/spamd.raw (original)
+++ spamassassin/branches/3.1/spamd/spamd.raw Mon Jul 23 02:49:36 2007
@@ -56,6 +56,8 @@
use File::Path;
use Carp ();
+use constant RUNNING_ON_MACOS => ($^O =~ /^darwin/oi);
+
# Check to make sure the script version and the module version matches.
# If not, die here! Also, deal with unchanged VERSION macro.
if ($Mail::SpamAssassin::VERSION ne '@@VERSION@@' && '@@VERSION@@' ne "\@\@VERSION\@\@") {
@@ -883,24 +885,13 @@
$uuid =~ /^(\d+)$/ and $uuid = $1; # de-taint
$ugid =~ /^(\d+)$/ and $ugid = $1; # de-taint
- # Change GID
- $) = "$ugid $ugid"; # effective gid
- $( = $ugid; # real gid
-
- # Change UID
- $> = $uuid; # effective uid
- $< = $uuid; # real uid. we now cannot setuid anymore
-
- # bug 3900: BSD perl bug. see comment in setuid_to_euid() in
- # Mail::SA::Util on the same issue.
- if ($< != $uuid) {
- dbg("spamd: initial attempt to change real uid failed, trying BSD workaround");
-
- $> = $<; # revert euid to ruid
- $< = $uuid; # change ruid to target
- $> = $uuid; # change euid back to target
- }
+ # bug 5518: assignments to $) and $( don't always work on all platforms
+ # bug 3900: assignments to $> and $< problems with BSD perl bug
+ # use the POSIX functions to hide the platform specific workarounds
+ POSIX::setgid($ugid); # set effective and real gid
+ POSIX::setuid($uuid); # set effective and real UID
+ # keep the sanity check to catch problems like bug 3900 just in case
if ( $> != $uuid and $> != ( $uuid - 2**32 ) ) {
die "spamd: setuid to uid $uuid failed\n";
}