Re: [vchkpw] small fix for vpopmaild

2007-02-18 Thread Justin Heesemann 
shadowplay.net wrote:
> um.. y not use a 
> 
> ln -s vpopdir towherethehellitreallyis
> 
> y are we patching crap that can be handled by the damn
> os

because ./vadddomain supports domains at other locations.
and i don't want to use some sort of hack like

./vaddomain something.com
mv /var/vpopmail/domains/something.com /home/someuser/domains
ln -s /home/someuser/domains/something.com /var/vpopmail/domains/

that's why.


-- 
Mit internetten Grüßen
---
Justin Heesemannionium Technologies
[EMAIL PROTECTED]www.ionium.org

RE: [vchkpw] small fix for vpopmaild

2007-02-18 Thread shadowplay.net 
um.. y not use a 

ln -s vpopdir towherethehellitreallyis

y are we patching crap that can be handled by the damn
os

kenneth gf brown 
ceo shadowplay.net


> -Original Message-
> From: Rick Widmer [mailto:[EMAIL PROTECTED] 
> Sent: February 15, 2007 11:52
> To: vchkpw@inter7.com
> Subject: Re: [vchkpw] small fix for vpopmaild
> 
> 
> 
> 
> Justin Heesemann wrote:
> > Hello..
> > My domains are located somewhere else then 
> > ~vpopmail/domains/somedomain.com (each system user has his own 
> > domains/ directory in his homedir).
> > 
> > Since vpopmaild doesn't allow a server admin to use the
> > read_file/list_dir/write_file ... functions for those 
> domains, I wrote a 
> > small patch.
> 
> Ok.  Can you please upload your patch to the SourceForge 
> tracker so it 
> doesn't get lost.
> 
> http://sourceforge.net/tracker/?group_id=85937&atid=577800
> 
> 
> > Imho a serveradmin account should be able to access ALL domains 
> > handled by
> > vpopmail, so I think this patch should get included in the 
> next release.
> > 
> > Patch is for vpopmail-5.4.18
> 
> I can't tell from just looking at the patch how you are setting 
> valid_domain_path.  As long is you are only exposing mail domain 
> directories with the patch, it should be included in the next 
> release. 
> It would be helpful if you included a little blurb on how your patch 
> decides which directories it allows access to when you upload it.
> 
> Thanks,
> 
> Rick
>

Re: [vchkpw] small fix for vpopmaild

2007-02-15 Thread Rick Widmer 



Justin Heesemann wrote:

Hello..
My domains are located somewhere else then ~vpopmail/domains/somedomain.com
(each system user has his own domains/ directory in his homedir).

Since vpopmaild doesn't allow a server admin to use the 
read_file/list_dir/write_file ... functions for those domains, I wrote a 
small patch.


Ok.  Can you please upload your patch to the SourceForge tracker so it 
doesn't get lost.


   http://sourceforge.net/tracker/?group_id=85937&atid=577800


Imho a serveradmin account should be able to access ALL domains handled by 
vpopmail, so I think this patch should get included in the next release.


Patch is for vpopmail-5.4.18


I can't tell from just looking at the patch how you are setting 
valid_domain_path.  As long is you are only exposing mail domain 
directories with the patch, it should be included in the next release. 
It would be helpful if you included a little blurb on how your patch 
decides which directories it allows access to when you upload it.


Thanks,

Rick

[vchkpw] small fix for vpopmaild

2007-02-15 Thread Justin Heesemann 
Hello..
My domains are located somewhere else then ~vpopmail/domains/somedomain.com
(each system user has his own domains/ directory in his homedir).

Since vpopmaild doesn't allow a server admin to use the 
read_file/list_dir/write_file ... functions for those domains, I wrote a 
small patch.

Imho a serveradmin account should be able to access ALL domains handled by 
vpopmail, so I think this patch should get included in the next release.

Patch is for vpopmail-5.4.18


-- 
Best Regards
---
Justin Heesemann                                        ionium Technologies
[EMAIL PROTECTED]                                                www.ionium.org
*** vpopmaild.old.c	2006-12-17 07:53:39.0 +0100
--- vpopmaild.c	2007-02-15 13:51:51.0 +0100
*** int validate_path(char *newpath, char *p
*** 1239,1244 
--- 1239,1245 
  return(2);
}
  
+   int valid_domain_path = 0;
/* expand the path */
if ( path[0] == '/' ) {
  snprintf(newpath, MAXPATH, path);
*** int validate_path(char *newpath, char *p
*** 1300,1310 
} 
snprintf(newpath, MAXPATH, thedir);
strncat(newpath, &path[i], MAXPATH );
  }
}
  
if ( AuthVpw.pw_gid & SA_ADMIN ) { 
! if ( strncmp(TheVpopmailDomains, newpath, strlen(TheVpopmailDomains))!=0 ) {
snprintf(WriteBuf,sizeof(WriteBuf), 
  RET_ERR "1510 unauthorized directory" RET_CRLF);
return(10);
--- 1301,1312 
} 
snprintf(newpath, MAXPATH, thedir);
strncat(newpath, &path[i], MAXPATH );
+   valid_domain_path = 1;
  }
}
  
if ( AuthVpw.pw_gid & SA_ADMIN ) { 
! if ( valid_domain_path == 0 && strncmp(TheVpopmailDomains, newpath, strlen(TheVpopmailDomains))!=0 ) {
snprintf(WriteBuf,sizeof(WriteBuf), 
  RET_ERR "1510 unauthorized directory" RET_CRLF);
return(10);