Totally botched ths patch...revert back to Rev 1.7, and request a

proper context diff from the submitter...

1 files changed, 1 insertions, 31 deletions

diff --git a/libexec/mail.local/mail.local.c b/libexec/mail.local/mail.local.c
index 91871bc..865fe20 100644
--- a/libexec/mail.local/mail.local.c
+++ b/libexec/mail.local/mail.local.c
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: mail.local.c,v 1.8 1996/10/22 21:01:01 scrappy Exp $
+ *	$Id: mail.local.c,v 1.9 1996/09/22 21:54:07 wosch Exp $
  */
 
 #ifndef lint
@@ -203,7 +203,6 @@ deliver(fd, name, nobiff)
 	int mbfd, nr, nw, off;
 	char biffmsg[100], buf[8*1024], path[MAXPATHLEN];
 	off_t curoff;
-        uid_t saveeuid;
 
 	/*
 	 * Disallow delivery to unknown names -- special mailboxes can be
@@ -234,49 +233,28 @@ deliver(fd, name, nobiff)
 	 * just return.  Another process may have already opened it, so we
 	 * can't unlink it.  Historically, binmail set the owner/group at
 	 * each mail delivery.  We no longer do this, assuming that if the
-
 	 * ownership or permissions were changed there was a reason.
 	 *
 	 * XXX
 	 * open(2) should support flock'ing the file.
 	 */
-
-	saveeuid=geteuid();
 tryagain:
 	if (lstat(path, &sb)) {
 		mbfd = open(path,
 		    O_APPEND|O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR);
 		if (mbfd == -1) {
 			if (errno == EEXIST)
-
-
 				goto tryagain;
 		} else if (fchown(mbfd, pw->pw_uid, pw->pw_gid)) {
 			e_to_sys(errno);
 			warn("chown %u.%u: %s", pw->pw_uid, pw->pw_gid, name);
 			return;
 		}
-
-                /* Now that the box is created and permissions are correct, we
-                   close it and go back to the top so that we will come in 
-                   and write as the user.  We dont seteuid() before the above
-                   open, because we have to be root/bin to write in var/mail */
-
-                close(mbfd);
-                goto tryagain;
-
 	} else if (sb.st_nlink != 1 || S_ISLNK(sb.st_mode)) {
 		e_to_sys(errno);
 		warn("%s: linked file", path);
 		return;
 	} else {
-		/* Become the user, so quota enforcement will occur */
-
-		if(seteuid(pw->pw_uid) != 0) {
-			warn("Unable to setuid()");
-			return;
-		}    
-
 		mbfd = open(path, O_APPEND|O_WRONLY, 0);
 		if (mbfd != -1 &&
 		    (fstat(mbfd, &fsb) || fsb.st_nlink != 1 ||
@@ -284,9 +262,7 @@ tryagain:
 		    sb.st_ino != fsb.st_ino)) {
 			warn("%s: file changed after open", path);
 			(void)close(mbfd);
-                        seteuid(saveeuid);
 			return;
-
 		}
 	}
 
@@ -294,7 +270,6 @@ tryagain:
 		e_to_sys(errno);
 		warn("%s: %s", path, strerror(errno));
 		return;
-                seteuid(saveeuid);
 	}
 
 	/* Wait until we can get a lock on the file. */
@@ -308,7 +283,6 @@ tryagain:
 		/* Get the starting offset of the new message for biff. */
 		curoff = lseek(mbfd, (off_t)0, SEEK_END);
 		(void)snprintf(biffmsg, sizeof(biffmsg), "%s@%qd\n",
-
 			       name, curoff);
 	}
 
@@ -330,7 +304,6 @@ tryagain:
 		warn("temporary file: %s", strerror(errno));
 err2:		(void)ftruncate(mbfd, curoff);
 err1:		(void)close(mbfd);
-                seteuid(saveeuid);
 		return;
 	}
 
@@ -347,12 +320,9 @@ err1:		(void)close(mbfd);
 	if (close(mbfd)) {
 		e_to_sys(errno);
 		warn("%s: %s", path, strerror(errno));
-                seteuid(saveeuid);
 		return;
 	}
 
-	seteuid(saveeuid);
-
 	if (!nobiff)
 		notifybiff(biffmsg);
 }