1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
*** pop_dropcopy.c Sat Jun 8 14:44:01 1996
--- pop_dropcopy.c Sat Jun 8 14:50:46 1996
***************
*** 755,760 ****
--- 755,761 ----
the SERVER maildrop */
FILE *tf; /* The temp file */
int tfn;
+ char template[POP_TMPSIZE]; /* Temp name holder */
char buffer[MAXLINELEN]; /* Read buffer */
long offset; /* Old/New boundary */
int nchar; /* Bytes written/read */
***************
*** 788,793 ****
--- 789,805 ----
}
#endif
+ /* First create a unique file. Would prefer mkstemp, but Ultrix...*/
+ strcpy(template,POP_TMPDROP);
+ if (((tfn=mkstemp(template)) == -1) ||
+ ((tf=fdopen(tfn, "w+")) == NULL)) { /* failure, bail out */
+ pop_log(p,POP_PRIORITY,
+ "Unable to create temporary temporary maildrop '%s': %s",template,
+ (errno < sys_nerr) ? sys_errlist[errno] : "") ;
+ return pop_msg(p,POP_FAILURE,
+ "System error, can't create temporary file.");
+ }
+
/* Here we work to make sure the user doesn't cause us to remove or
* write over existing files by limiting how much work we do while
* running as root.
***************
*** 801,806 ****
--- 813,831 ----
pwp->pw_gid = mybuf.st_gid;
# endif
#endif
+
+ /* Now give this file to the user */
+ (void) chown(template, (UID_T)pwp->pw_uid, (GID_T)pwp->pw_gid);
+ /* (void) chmod(template,0600); umask now handles this */
+
+ /* Now link this file to the temporary maildrop. If this fails it
+ * is probably because the temporary maildrop already exists. If so,
+ * this is ok. We can just go on our way, because by the time we try
+ * to write into the file we will be running as the user.
+ */
+ (void) link(template,p->temp_drop);
+ (void) fclose(tf);
+ (void) unlink(template);
/* Now we run as the user. */
(void) setgid((GID_T)pwp->pw_gid);
*** popauth.c Sun Jun 9 12:56:38 1996
--- popauth.c Sun Jun 9 13:00:51 1996
***************
*** 36,43 ****
#include <sys/file.h>
#endif
! #ifdef BSDI
! #define BSD44_DBM
#endif
#ifdef NEED_STRERROR
--- 36,51 ----
#include <sys/file.h>
#endif
! #ifdef HAVE_PARAM_H
! #include <sys/param.h>
! # if (defined(BSD) && (BSD >= 199103))
! # define HAVE_UNISTD_H
! # define HAVE_VSPRINTF
! # define BIND43
! # endif
! # if (defined(BSD) && (BSD >= 199306))
! # define BSD44_DBM
! # endif
#endif
#ifdef NEED_STRERROR
|
