Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change from bicknell@csugrad.cs.vt.edu and ceharris@csugrad.cs.vt.edu.

Browse Source 
This closes an apparent security problem on systems where users have
write access to the mail spool.  Since root actually runs comsat, a
user could link their mail file to a system file that they normally
could not access, and use comsat to view said file.  This fix simply
makes sure that the mail file is a REGular file.
This commit is contained in:
briggs 1994-01-30 18:32:39 +00:00
parent 106118de0d
commit 476d26c797
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
libexec/comsat/comsat.c
View File

@ -39,7 +39,7 @@ char copyright[] =
#ifndef lint #ifndef lint
/*static char sccsid[] = "from: @(#)comsat.c 5.24 (Berkeley) 2/25/91";*/ /*static char sccsid[] = "from: @(#)comsat.c 5.24 (Berkeley) 2/25/91";*/
static char rcsid[] = "$Id: comsat.c,v 1.2 1993/08/01 18:31:05 mycroft Exp $"; static char rcsid[] = "$Id: comsat.c,v 1.3 1994/01/30 18:32:39 briggs Exp $";
#endif /* not lint */ #endif /* not lint */
#include <sys/param.h> #include <sys/param.h>
@ -224,8 +224,17 @@ jkfprintf(tp, name, offset)
register char *cp, ch; register char *cp, ch;
register FILE *fi; register FILE *fi;
register int linecnt, charcnt, inheader; register int linecnt, charcnt, inheader;
struct stat st;
char line[BUFSIZ]; char line[BUFSIZ];
if (lstat(name, &st) != 0) {
syslog(LOG_ERR, "Unable to stat mail file.");
return;
}
if (!(S_ISREG(st.st_mode))) {
syslog(LOG_ERR, "Mail file is not a regular file.");
return;
}
if ((fi = fopen(name, "r")) == NULL) if ((fi = fopen(name, "r")) == NULL)
return; return;
(void)fseek(fi, offset, L_SET); (void)fseek(fi, offset, L_SET);