On Tue, 30 Sep 2003, Steve Barber wrote:
> > There is currently no mechanism to disable the initgroups() call for the
> > POP server only. As you've noted, it's very definitely necessary for the
> > IMAP server. It shouldn't be too difficult to put in such a feature if it
> > turns out that's the only feasible solution.
> I'd be very interested in such a feature. I'm even willing to take a first
> crack at it if you can give me some hints as to how, in that code segment,
> I might cleanly be able to determine whether it's being used from ipop3d.
I suggest something getting the service name and skipping the initgroups
call if it is pop, e.g.:
long loginpw (struct passwd *pw,int argc,char *argv[])
{
uid_t uid = pw->pw_uid;
char *name = cpystr (pw->pw_name);
char *service = (char *) mail_parameters (NIL,GET_SERVICENAME,NIL);
long ret = !(setgid (pw->pw_gid) ||
(strcmp (service,"pop") ? initgroups (name,pw->pw_gid) : T) ||
setuid (uid));
fs_give ((void **) &name);
return ret;
}
-- Mark --
http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
