equal
deleted
inserted
replaced
|
1 This patch was developed by a customer at New York University, as part of |
|
2 the analysis of a bug that was only discovered because the customer was |
|
3 building procmail as root, triggering TOGGLE_SGID_OK to be set, which in |
|
4 turn triggered CAN_toggle_sgid to be set, which is checked via logical OR |
|
5 with accspooldir when deciding about the privileges needed to set[rg]id. |
|
6 The patch will be submitted upstream. |
|
7 |
|
8 --- procmail-3.22/src/foldinfo.c.orig 2001-09-10 21:57:32.000000000 +0000 |
|
9 +++ procmail-3.22/src/foldinfo.c 2017-04-03 09:35:21.186639287 +0000 |
|
10 @@ -185,9 +185,9 @@ |
|
11 *chp='\0'; /* strip off the filename */ |
|
12 if(!stat(buf,&stbuf)) |
|
13 { unsigned wwsdir; |
|
14 - accspooldir=(wwsdir= /* world writable spool dir? */ |
|
15 - ((S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH)&stbuf.st_mode)== |
|
16 - (S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH) |
|
17 + accspooldir=((wwsdir= /* world writable spool dir? */ |
|
18 + (((S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH)&stbuf.st_mode)== |
|
19 + (S_IWGRP|S_IXGRP|S_IWOTH|S_IXOTH))) |
|
20 <<1| /* note it in bit 1 */ |
|
21 uid==stbuf.st_uid); /* we own the spool dir, note it in bit 0 */ |
|
22 if((CAN_toggle_sgid||accspooldir)&&privileged) |