cleanup of _POSIX_CHOWN_RESTRICTED stuff

SCCS-vsn: usr.sbin/sendmail/src/recipient.c 8.42
SCCS-vsn: usr.sbin/sendmail/src/conf.c 8.67

diff --git a/usr/src/usr.sbin/sendmail/src/conf.c b/usr/src/usr.sbin/sendmail/src/conf.c
index 4bffd58..e55ada4 100644 (file)
--- a/usr/src/usr.sbin/sendmail/src/conf.c
+++ b/usr/src/usr.sbin/sendmail/src/conf.c
@@ -7,7 +7,7 @@
  */
 
 #ifndef lint
  */
 
 #ifndef lint

-static char sccsid[] = "@(#)conf.c     8.66 (Berkeley) %G%";
+static char sccsid[] = "@(#)conf.c     8.67 (Berkeley) %G%";

 #endif /* not lint */
 
 # include "sendmail.h"
 #endif /* not lint */
 
 # include "sendmail.h"


@@ -1806,6 +1806,57 @@ lockfile(fd, filename, ext, type)
        return FALSE;
 }
 \f/*
        return FALSE;
 }
 \f/*

+**  CHOWNSAFE -- tell if chown is "safe" (executable only by root)
+**
+**     Parameters:
+**             fd -- the file descriptor to check.
+**
+**     Returns:
+**             TRUE -- if only root can chown the file to an arbitrary
+**                     user.
+**             FALSE -- if an arbitrary user can give away a file.
+*/
+
+bool
+chownsafe(fd)
+       int fd;
+{
+#ifdef __hpux__
+       char *s;
+       int tfd;
+       uid_t o_uid, o_euid;
+       gid_t o_gid, o_egid;
+       bool rval;
+       struct stat stbuf;
+
+       o_uid = getuid();
+       o_euid = geteuid();
+       o_gid = getgid();
+       o_egid = getegid();
+       fstat(fildes, &stbuf);
+       setresuid(stbuf.st_uid, stbuf.st_uid, -1);
+       setresgid(stbuf.st_gid, stbuf.st_gid, -1);
+       s = tmpnam(NULL);
+       tfd = open(s, O_RDONLY|O_CREAT, 0600);
+       rval = fchown(tfd, DefUid, DefGid) == 0;
+       close(tfd);
+       unlink(s);
+       setreuid(o_uid, o_euid);
+       setresgid(o_gid, o_egid, -1);
+       return rval;
+#else
+# ifdef _PC_CHOWN_RESTRICTED
+       return fpathconf(fd, _PC_CHOWN_RESTRICTED) > 0;
+# else
+#  ifdef BSD
+       return TRUE;
+#  else
+       return FALSE;
+#  endif
+# endif
+#endif
+}
+\f/*

 **  GETCFNAME -- return the name of the .cf file.
 **
 **     Some systems (e.g., NeXT) determine this dynamically.
 **  GETCFNAME -- return the name of the .cf file.
 **
 **     Some systems (e.g., NeXT) determine this dynamically.

diff --git a/usr/src/usr.sbin/sendmail/src/recipient.c b/usr/src/usr.sbin/sendmail/src/recipient.c
index 615730b..19b76cd 100644 (file)
--- a/usr/src/usr.sbin/sendmail/src/recipient.c
+++ b/usr/src/usr.sbin/sendmail/src/recipient.c
@@ -7,7 +7,7 @@
  */
 
 #ifndef lint
  */
 
 #ifndef lint

-static char sccsid[] = "@(#)recipient.c        8.41 (Berkeley) %G%";
+static char sccsid[] = "@(#)recipient.c        8.42 (Berkeley) %G%";

 #endif /* not lint */
 
 # include "sendmail.h"
 #endif /* not lint */
 
 # include "sendmail.h"


@@ -816,10 +816,25 @@ include(fname, forwarding, ctladdr, sendq, e)
        int rval = 0;
        int sfflags = forwarding ? SFF_MUSTOWN : SFF_ANYFILE;
        struct stat st;
        int rval = 0;
        int sfflags = forwarding ? SFF_MUSTOWN : SFF_ANYFILE;
        struct stat st;

+       char buf[MAXLINE];

 #ifdef _POSIX_CHOWN_RESTRICTED
 #ifdef _POSIX_CHOWN_RESTRICTED

+# if _POSIX_CHOWN_RESTRICTED == -1
+#  define safechown    FALSE
+# else
+#  define safechown    TRUE
+# endif
+#else
+# ifdef _PC_CHOWN_RESTRICTED

        bool safechown;
        bool safechown;

+# else
+#  ifdef BSD
+#   define safechown   TRUE
+#  else
+#   define safechown   FALSE
+#  endif
+# endif

 #endif
 #endif

-       char buf[MAXLINE];
+       extern bool chownsafe();

 
        if (tTd(27, 2))
                printf("include(%s)\n", fname);
 
        if (tTd(27, 2))
                printf("include(%s)\n", fname);


@@ -928,15 +943,15 @@ resetuid:
                return rval;
        }
 
                return rval;
        }
 

-#ifdef _POSIX_CHOWN_RESTRICTED
-       safechown = fpathconf(fileno(fp), _PC_CHOWN_RESTRICTED) != -1;
+#ifndef safechown
+       safechown = chownsafe(fileno(fp));
+#endif

        if (ca == NULL && safechown)
        {
                ctladdr->q_uid = st.st_uid;
                ctladdr->q_gid = st.st_gid;
                ctladdr->q_flags |= QGOODUID;
        }
        if (ca == NULL && safechown)
        {
                ctladdr->q_uid = st.st_uid;
                ctladdr->q_gid = st.st_gid;
                ctladdr->q_flags |= QGOODUID;
        }

-#endif

        if (ca != NULL && ca->q_uid == st.st_uid)
        {
                /* optimization -- avoid getpwuid if we already have info */
        if (ca != NULL && ca->q_uid == st.st_uid)
        {
                /* optimization -- avoid getpwuid if we already have info */


@@ -953,20 +968,16 @@ resetuid:
                if (pw != NULL)
                {
                        ctladdr->q_ruser = newstr(pw->pw_name);
                if (pw != NULL)
                {
                        ctladdr->q_ruser = newstr(pw->pw_name);

-#ifdef _POSIX_CHOWN_RESTRICTED

                        if (safechown)
                                sh = pw->pw_shell;
                        if (safechown)
                                sh = pw->pw_shell;

-#endif

                }
                if (pw == NULL)
                        ctladdr->q_flags |= QBOGUSSHELL;
                else if(!usershellok(sh))
                {
                }
                if (pw == NULL)
                        ctladdr->q_flags |= QBOGUSSHELL;
                else if(!usershellok(sh))
                {

-#ifdef _POSIX_CHOWN_RESTRICTED

                        if (safechown)
                                ctladdr->q_flags |= QBOGUSSHELL;
                        else
                        if (safechown)
                                ctladdr->q_flags |= QBOGUSSHELL;
                        else

-#endif

                                ctladdr->q_flags |= QUNSAFEADDR;
                }
        }
                                ctladdr->q_flags |= QUNSAFEADDR;
                }
        }