Re: [Exim] Conditionalize a router on file existance; effect…

Author: Philip Hazel
Date:  
To: Harald Meland
CC: exim-users
Subject: Re: [Exim] Conditionalize a router on file existance; effective uid and NFS woes
On Tue, 5 Aug 2003, Harald Meland wrote:

> Exim _tries_ to do an ad-hoc-check of the accessibility by another
> user, but the check is not *really* checking the accessibility by
> another user;


I realize that. I will make the wording stronger to emphasize this.

> one should use
> set[e]uid(2)+access(2) for that.


ISTR that there are problems with access(2), or perhaps not all systems
have it, but that may just be my mis-remembering. Or maybe access(2)
uses seteuid, which I do not want to be used by Exim...

... when in doubt, RTFM. On Solaris, "man access" has this to say:

     The access() function checks the file named by the  pathname
     pointed  to by the path argument for accessibility according
     to the bit pattern contained in amode, using the  real  user
     ID  in  place of the effective user ID and the real group ID
     in place of the effective group ID.


This makes access(2) useless in this case, because when Exim is routing,
both the real and effective IDs are root.

> > During the time that the program is not running as root, any *other*
> > program that is running as that euid will have access to the process,
> > and could in principle modify the contents of its address space.
>
> ... or simply seteuid(2) back to root by themselves.


Sorry, you misunderstand me. I didn't mean another program that was run
from Exim. I meant an entirely independent other program running under
the non-root uid.

> I frankly can't see how the functionality I am looking to implement
> (which was present in earlier Exim versions), can be done without
> either
>
>   1) using seteuid(2) or
>   2) increasing the number of processes, and how much they need to
>      communicate between them, involved in routing addresses.


I agree, which is why the functionality is no longer there. Exim 4 has
now been in the field for about 18 months, and this is the first time
that anybody has raised this issue. For that reason, I cannot believe
that it is a critical one. Nevertheless, I regret that this is causing
you problems. However, I'm not sure where we go from here...

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book