On Mon, 24 Dec 2001, nick slussar wrote:
> bug was discussed about a month ago on debian-russian, and <dbg>
> suggested that the whole point is in the way exim tries to find out
> whether it has been launched from inetd or from init.d, and if it's
> launched from inetd, it will check relays, etc.

Unfortunately I don't subscribe to debian-russian. This is the first
I've heard of this problem.

> look at this piece of code from exim:
>
>   if (smtp_input && (real_uid == root_uid ||
>       (exim_uid_set && real_uid == exim_uid)))
>   {
>     int size = sizeof(inetd_sock);
>     if (getpeername(0, (struct sockaddr *)(&inetd_sock), &size) == 0)
>     {
>       int family = ((struct sockaddr *)(&inetd_sock))->sa_family;
>       if (family == AF_INET || family == AF_INET6) is_inetd = TRUE;
>     }
>   }
>
> obviously, with such a combination of real/effective uids as in our
> situation, it will never be able to identify that it has been launched
> from inetd.

I cannot now remember why I wrote it that way, but there must have been
some reason.

> suggested simple fix is to call getpeername always, without relying on
> uid combination.

But that would mean that any unprivileged user could call Exim and pass
it a socket on its standard input, and it would think it was being
called from inetd. Seems to me that that is an undesirable situation.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.