------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=926
--- Comment #9 from Phil Pennock <exim-dev@???> 2009-12-14 11:24:38 ---
Created an attachment (id=363)
--> (
http://bugs.exim.org/attachment.cgi?id=363)
fix opendir() success assumption in mbox_unspool()
Because the -bmalware option exposes a new way in, someone other than root/exim
with admin privileges can use -C to change config options and cause a drop in
privs, at which point mbox_unspool() segfaults because of a previously pretty
safe assumption that opendir() would succeed.
This patch is relative to CVS and is taken from a diff with attachment 361
already in place; I stripped out the stuff already in 361, but the patch line
numbers are a bit off and might need increased fuzz to apply (or just apply
manually, it's simple).
Note that non-admin users can't trigger this because -bmalware was added as an
option only available to admin users (because it could prod at content inside
the spool).
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
