Date: Sat, 30 Mar 1996 13:06:22 -0500 From: henrich@crh.cl.msu.edu To: FreeBSD-gnats-submit@freebsd.org Subject: bin/1111: mail.local bug (quota) Message-ID: <199603301806.NAA00616@crh.cl.msu.edu> Resent-Message-ID: <199603301810.KAA22545@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 1111
>Category: bin
>Synopsis: mail.local will happily deliver mail to a quota'd filesystem
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Mar 30 10:10:03 PST 1996
>Last-Modified:
>Originator: Charles Henrich
>Organization:
Charles Henrich Michigan State University henrich@msu.edu
http://pilot.msu.edu/~henrich
>Release: FreeBSD 2.1-STABLE i386
>Environment:
FreeBSD 2.1 (probably all BSD-4.4 derivitives).
>Description:
/usr/libexec/mail.local runs as root. As such is can fill up a
mailbox on a quota'd filesystem, and keep going... Makes quota's
almost useless in an ISP environment.
>How-To-Repeat:
send a mail message..
>Fix:
Here's a patch to mail.local (tested, it works) to cause mail.local
to become the user before delivery is attempted, which will fail for
overquota. One note needs to be said about QUOTA's and mail, when
one enables quota on a mail system sendmail must run a mail.local
for each message (e.g. no lower m in the args F= in Mprog in
sendmail.cf). If sendmail attempts multiple recipient delivery, and
any recipient is over quota, the mail will be requeued for delivery
again later. Unfortunatly everyone else who was delivered to at the
same time, without error, will keep getting copies of the message until
the entire delivery attempt was a success. This is an inherent flaw
in mail.local, and not a result of this patch.
*** mail.local.orig.c Sat Mar 30 12:59:43 1996
--- /tmp/mail.local.c Sat Mar 30 12:58:11 1996
***************
*** 199 ****
--- 200 ----
+ uid_t saveeuid;
***************
*** 234 ****
--- 236,237 ----
+
+ saveeuid=geteuid();
***************
*** 235 ****
--- 239 ----
+
***************
*** 246 ****
--- 251,259 ----
+
+ /* Now that the box is created and permissions are correct, we
+ close it and go back to the top so that we will come in
+ and write as the user. We dont seteuid() before the above
+ open, because we have to be root/bin to write in var/mail */
+
+ close(mbfd);
+ goto tryagain;
+
***************
*** 251 ****
--- 265,272 ----
+
+ /* Become the user, so quota enforcement will occur */
+
+ if(seteuid(pw->pw_uid) != 0) {
+ warn("Unable to setuid()");
+ return;
+ }
+
***************
*** 258 ****
--- 280 ----
+ seteuid(saveeuid);
***************
*** 265 ****
--- 288,289 ----
+ seteuid(saveeuid);
+
***************
*** 285 ****
--- 310 ----
+
***************
*** 304 ****
--- 330 ----
+ seteuid(saveeuid);
***************
*** 311 ****
--- 338 ----
+ seteuid(saveeuid);
***************
*** 313 ****
--- 341,342 ----
+
+ seteuid(saveeuid);
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199603301806.NAA00616>