------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=926 --- Comment #9 from Phil Pennock <[email protected]> 2009-12-14 11:24:38 --- Created an attachment (id=363) --> (http://bugs.exim.org/attachment.cgi?id=363) fix opendir() success assumption in mbox_unspool() Because the -bmalware option exposes a new way in, someone other than root/exim with admin privileges can use -C to change config options and cause a drop in privs, at which point mbox_unspool() segfaults because of a previously pretty safe assumption that opendir() would succeed. This patch is relative to CVS and is taken from a diff with attachment 361 already in place; I stripped out the stuff already in 361, but the patch line numbers are a bit off and might need increased fuzz to apply (or just apply manually, it's simple). Note that non-admin users can't trigger this because -bmalware was added as an option only available to admin users (because it could prod at content inside the spool). -- Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email -- ## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
