(mda_catch_body): Switch to the user's uid and change to his homedir

before running his filtering script. Switch back to root before running mda().

(mda_catch_body): Switch to the user's uid and change to his homedir
before running his filtering script. Switch back to root before running mda().
Sergey Poznyakoff
Commit ede97081 ... ede9708156982af47d7b0f3d0f5919e2bbd7aba1 authored 2002-05-16 11:20:46 +0000 by Sergey Poznyakoff
Showing 1 changed file with 27 additions and 3 deletions
mail.local/script.c
--- a/mail.local/script.c
View file @ede9708
+++ b/mail.local/script.c
View file @ede9708
@@ -70,6 +70,26 @@ mda_init (void *data)
  return 0;
 }

+static void
+mda_switch_to_user (struct mda_data *md)
+{
+  struct passwd *pw = NULL;
+  
+  if (md && *md->argv != NULL)
+    pw = mu_getpwnam (*md->argv);
+
+  if (pw)
+    {
+      switch_user_id (pw->pw_uid);
+      chdir (pw->pw_dir);
+    }
+  else
+    {
+      switch_user_id (0);
+      chdir ("/");
+    }
+}
+
 SCM
 mda_catch_body (void *data, mailbox_t mbox)
 {
@@ -84,8 +104,11 @@ mda_catch_body (void *data, mailbox_t mbox)
 	syslog (LOG_DEBUG, "access to %s failed: %m", md->progfile);
    }
  else
-    scm_primitive_load (scm_makfrom0str (md->progfile));
-
+    {
+      mda_switch_to_user (md);
+      scm_primitive_load (scm_makfrom0str (md->progfile));
+    }
+  
  mailbox_get_message (mbox, 1, &mesg);
  message_get_attribute (mesg, &attr);
  if (attribute_is_deleted (attr))
@@ -109,7 +132,8 @@ mda_catch_body (void *data, mailbox_t mbox)
 	}
      unlink (tname);
    }
-      
+
+  mda_switch_to_user (NULL);
  mda (fp, md->argv[0]);
  if (fp != md->fp)
    fclose (fp);