Author: Harald Meland Date: To: exim-users Subject: Re: [Exim] Conditionalize a router on file existance; effective uid
and NFS woes
> On Wed, 6 Aug 2003, Harald Meland wrote:
>> As I now have realized that this solution is indeed not secure
>> (although it's no worse than the situation we've had until now, with
>> Exim < 4), I'll have a look at implementing this by fork()ing out a
>> separate process, doing plain set[ug]id() before stat() etc. there,
>> and reporting the result back to the mother process.
> Since the result is just yes/no, it could be passed in the return code,
> which makes things nice and easy.
> No need for complicated mechanisms to pass data between
> processes. That only just occurred to me - I was thinking it would
> be like other complicated cases where pipes are used.
So was I...
Happily, Kjetil Torgrim Homme, the guy over here who first got around
to making a patch for this, didn't. :-)
After we gave the thing a bit of a polish last night, it now seems to
work nicely; you can find the patch attached to this email.
Content-Description: Use fork()+exim_setugid() when needed in check_files()
[ Content of type text/x-patch deleted ]
This message was posted to the following mailing lists: