File mailman-wrapper.patch of Package mailman
--- a/src/cgi-wrapper.c
+++ b/src/cgi-wrapper.c
@@ -33,7 +33,7 @@
const char* logident = LOG_IDENT;
char* script = SCRIPTNAME;
const char* parentgroup = LEGAL_PARENT_GROUP;
-
+const char* gidfile = "/etc/mailman/mailman.cgi-gid";
int
main(int argc, char** argv, char** env)
@@ -42,7 +42,7 @@ main(int argc, char** argv, char** env)
char* fake_argv[3];
running_as_cgi = 1;
- check_caller(logident, parentgroup);
+ check_caller(logident, gidfile);
/* For these CGI programs, we can ignore argc and argv since they
* don't contain anything useful. `script' will always be the driver
--- a/src/common.c
+++ b/src/common.c
@@ -117,47 +117,27 @@ fatal(const char* ident, int exitcode, c
/* Is the parent process allowed to call us?
*/
void
-check_caller(const char* ident, const char* parentgroup)
+check_caller(const char* ident, const char* gidfile)
{
- GID_T mygid = getgid();
- struct group *mygroup = getgrgid(mygid);
- char* option;
- char* server;
- char* wrapper;
+ FILE *gidfile_h;
+ GID_T parentgid;
+ GID_T mygid = getgid();
- if (running_as_cgi) {
- option = "--with-cgi-gid";
- server = "web";
- wrapper = "CGI";
- }
- else {
- option = "--with-mail-gid";
- server = "mail";
- wrapper = "mail";
- }
+ if ((gidfile_h = fopen(gidfile, "r")) == NULL)
+ fatal(ident, GROUP_NAME_NOT_FOUND,
+ "Cannot open wrapper configuration file: %s",
+ strerror(errno));
+ if(!fscanf(gidfile_h, "%d", &parentgid))
+ fatal(ident, GROUP_NAME_NOT_FOUND,
+ "Cannot read wrapper configuration file.");
+ fclose(gidfile_h);
- if (!mygroup)
- fatal(ident, GROUP_NAME_NOT_FOUND,
- "Failure to find group name for GID %d. Mailman\n"
- "expected the %s wrapper to be executed as group\n"
- "\"%s\", but the system's %s server executed the\n"
- "wrapper as GID %d for which the name could not be\n"
- "found. Try adding GID %d to your system as \"%s\",\n"
- "or tweak your %s server to run the wrapper as group\n"
- "\"%s\".",
- mygid, wrapper, parentgroup, server, mygid, mygid,
- parentgroup, server, parentgroup);
+ if (parentgid != mygid) {
+ fatal(ident, GROUP_MISMATCH,
+ "Failure to exec script. WANTED gid %ld, GOT gid %ld.",
+ parentgid, mygid);
+ }
- if (strcmp(parentgroup, mygroup->gr_name))
- fatal(ident, GROUP_MISMATCH,
- "Group mismatch error. Mailman expected the %s\n"
- "wrapper script to be executed as group \"%s\", but\n"
- "the system's %s server executed the %s script as\n"
- "group \"%s\". Try tweaking the %s server to run the\n"
- "script as group \"%s\", or re-run configure, \n"
- "providing the command line option `%s=%s'.",
- wrapper, parentgroup, server, wrapper, mygroup->gr_name,
- server, parentgroup, option, mygroup->gr_name);
}
--- a/src/mail-wrapper.c
+++ b/src/mail-wrapper.c
@@ -27,6 +27,7 @@
const char* parentgroup = LEGAL_PARENT_GROUP;
const char* logident = "Mailman mail-wrapper";
+const char* gidfile = "/etc/mailman/mailman.mail-gid";
@@ -74,7 +75,7 @@ main(int argc, char** argv, char** env)
fatal(logident, MAIL_ILLEGAL_COMMAND,
"Illegal command: %s", argv[1]);
- check_caller(logident, parentgroup);
+ check_caller(logident, gidfile);
/* If we got here, everything must be OK */
status = run_script(argv[1], argc, argv, env);
