[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: -u option on CVS

From: Dan Nelson
Subject: Re: -u option on CVS
Date: Mon, 7 Feb 2005 23:14:16 -0600
User-agent: Mutt/1.5.6i

In the last episode (Feb 07), Daniel A. Deitch said:
> I went ahead and updated to 0.3.0 CVS just to see what would happen
> ... didn't fix the problem.

I wouldn't expect it to.  You were already running a relatively recent
CVS I think, so the only change is the version number :)

> I was looking through the logs again and saw the following which
> tells me that everything is working the way it's supposed to (I
> think). But I guess what I want to happen isn't in that range.
> So, with multiple recipients, it falls to sharedspam. Now the
> question is, can I make it fall to sharedspam when there's only 1
> recipient that's all virtual?

After more rooting around in spamd sources, trying to figure out what
goes where, it looks like handle_user() does the setuid call, but the
returnvalue is never checked to see whether the username lookup worked
or not!  Only within handle_user() are config files read.  If the
username doesn't exist or the setuid call fails (the uid is verified
but the error code is ignored!), the function simply returns, and you
end up with system defaults from here on.  The code in check() is
solely a userid adjustment; no config file or username changes are
made.  The fact that perl apparently lets users assign values to $> and
$) to set the uid and gid doesn't make the code any clearer.

Try this (you can lose the first change I suggested as it doesn't do
anything useful for you):

--- spamd       Mon Jan 10 13:21:25 2005
+++   Mon Feb  7 23:07:58 2005
@@ -1375,6 +1375,13 @@ sub handle_user {
   my ( $name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc ) =
+  if ( !defined($uid) ) {
+    $userid = "sharedspam";
+    $username = $userid;
+    my ( $name, $pwd, $uid, $gid, $quota, $comment, $gcos, $dir, $etc ) =
+      getpwnam($userid);
+  }
   if ( !$spamtest->{'paranoid'} && !defined($uid) ) {
     #if we are given a username, but can't look it up,

This is just above the code that reads in the userconfig files, so
hopefully it will set enough state that the rest of spamassassin uses
"sharedspam"'s config.

        Dan Nelson

reply via email to

[Prev in Thread] Current Thread [Next in Thread]