On Mon, 4 Dec 2006, Mark Sirota wrote:
I haven't tried this with imap-2006*, but in imap-2004g and earlier, this
didn't work for me. I wanted to use "sudo -u user mailutil ...", but
that doesn't work because my_username_full() in src/osdep/unix/env_unix.c
used getlogin() to get the username, then used that username to get the uid,
rather than just using getpwuid(geteuid()).
That doesn't sound right to me. If the UID from the getlogin() lookup
doesn't match the EUID, it will use the reverse lookup of the EUID.
That's what the third line in the test does:
if (((s = (char *) getlogin ()) && *s && (strlen (s) < NETMAXUSER) &&
(pw = getpwnam (s)) && (pw->pw_uid == euid)) ||
(pw = getpwuid (euid)))
env_init (....)
(I also just use pw->pw_dir rather than checking $HOME's status.)
That'll annoy people who specifically set $HOME to override the password
file.
Is there some other way that you recommend using mailutil while setuid'd to
the desired user?
It should work as-distributed. At least, it works for me.
And is there some reason that my much simpler code is
likely to break that I haven't thought of, that justifies the more
complicated approach in the distribution?
It's possible (and some sites do it!) for multiple userids with different
home directories to share a UNIX UID. Hence you really do need to look at
the getlogin() value...
-- Mark --
http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
_______________________________________________
Imap-uw mailing list
[email protected]
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
