On Sat, Jul 20, 2019 at 12:03:03AM +0200, Jesper Wallin wrote:
> On Fri, Jul 19, 2019 at 05:14:03PM -0400, Bryan Steele wrote:
> > I suspect that in secure/-S mode, the :pre[serve] should either be
> > disabled, or modified to stop calling sendmail. The mail it is sending
> > is purely advisory, and should be easy to disable. See common/recover.c.
>
> Oh, you're right. A bit ironic that I didn't notice the exec violation
> due to the fork being permitted now. Thanks for pointing this out!
>
> Scrap my old patch, here's a better proposal:
>
>
> Index: common/recover.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/vi/common/recover.c,v
> retrieving revision 1.29
> diff -u -p -r1.29 recover.c
> --- common/recover.c 10 Nov 2017 18:25:48 -0000 1.29
> +++ common/recover.c 19 Jul 2019 21:57:16 -0000
> @@ -264,7 +264,7 @@ rcv_sync(SCR *sp, u_int flags)
> F_SET(ep, F_RCV_NORM);
>
> /* REQUEST: send email. */
> - if (LF_ISSET(RCV_EMAIL))
> + if (O_ISSET(sp, O_SECURE) == 0 && LF_ISSET(RCV_EMAIL))
> rcv_email(sp, ep->rcv_fd);
> }
>
> @@ -289,7 +289,8 @@ rcv_sync(SCR *sp, u_int flags)
> sp->gp->scr_busy(sp,
> "Copying file for recovery...", BUSY_ON);
> if (rcv_copy(sp, fd, ep->rcv_path) ||
> - close(fd) || rcv_mailfile(sp, 1, buf)) {
> + close(fd) || (O_ISSET(sp, O_SECURE) == 0 &&
> + rcv_mailfile(sp, 1, buf))) {
> (void)unlink(buf);
> (void)close(fd);
> rval = 1;
ok brynet@
