git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Turn TRUSTED_CONFIG_PREFIX_LIST into TRUSTED_CONFIG_LIST. No prefix or regexes
[exim.git]
/
src
/
src
/
exim.c
diff --git
a/src/src/exim.c
b/src/src/exim.c
index d5067215156185a8bbc9c202db5b4050efcb31ca..dce42f0c42647d7537381c7a4dbf1c9bd941ff07 100644
(file)
--- a/
src/src/exim.c
+++ b/
src/src/exim.c
@@
-1971,17
+1971,17
@@
for (i = 1; i < argc; i++)
#endif
if (real_uid != root_uid)
{
#endif
if (real_uid != root_uid)
{
- #ifdef TRUSTED_CONFIG_
PREFIX_
LIST
+ #ifdef TRUSTED_CONFIG_LIST
- if (
(
real_uid != exim_uid
-
#ifdef CONFIGURE_OWNER
-
&& real_uid != config_uid
-
#endif
-
) || Ustrstr(argrest, "/../")
)
+ if (real_uid != exim_uid
+ #ifdef CONFIGURE_OWNER
+ && real_uid != config_uid
+ #endif
+ )
trusted_config = FALSE;
else
{
trusted_config = FALSE;
else
{
- FILE *trust_list = Ufopen(TRUSTED_CONFIG_
PREFIX_
LIST, "rb");
+ FILE *trust_list = Ufopen(TRUSTED_CONFIG_LIST, "rb");
if (trust_list)
{
struct stat statbuf;
if (trust_list)
{
struct stat statbuf;
@@
-2007,8
+2007,8
@@
for (i = 1; i < argc; i++)
{
/* Well, the trust list at least is up to scratch... */
void *reset_point = store_get(0);
{
/* Well, the trust list at least is up to scratch... */
void *reset_point = store_get(0);
- uschar *trusted_
prefixe
s[32];
- int nr_
prefixe
s = 0;
+ uschar *trusted_
config
s[32];
+ int nr_
config
s = 0;
int i = 0;
while (Ufgets(big_buffer, big_buffer_size, trust_list))
int i = 0;
while (Ufgets(big_buffer, big_buffer_size, trust_list))
@@
-2021,13
+2021,13
@@
for (i = 1; i < argc; i++)
nl = Ustrchr(start, '\n');
if (nl)
*nl = 0;
nl = Ustrchr(start, '\n');
if (nl)
*nl = 0;
- trusted_
prefixes[nr_prefixe
s++] = string_copy(start);
- if (nr_
prefixe
s == 32)
+ trusted_
configs[nr_config
s++] = string_copy(start);
+ if (nr_
config
s == 32)
break;
}
fclose(trust_list);
break;
}
fclose(trust_list);
- if (nr_
prefixe
s)
+ if (nr_
config
s)
{
int sep = 0;
uschar *list = argrest;
{
int sep = 0;
uschar *list = argrest;
@@
-2035,14
+2035,12
@@
for (i = 1; i < argc; i++)
while (trusted_config && (filename = string_nextinlist(&list,
&sep, big_buffer, big_buffer_size)) != NULL)
{
while (trusted_config && (filename = string_nextinlist(&list,
&sep, big_buffer, big_buffer_size)) != NULL)
{
- for (i=0; i < nr_
prefixe
s; i++)
+ for (i=0; i < nr_
config
s; i++)
{
{
- int len = Ustrlen(trusted_prefixes[i]);
- if (Ustrlen(filename) >= len &&
- Ustrncmp(filename, trusted_prefixes[i], len) == 0)
+ if (Ustrcmp(filename, trusted_configs[i]) == 0)
break;
}
break;
}
- if (i == nr_
prefixe
s)
+ if (i == nr_
config
s)
{
trusted_config = FALSE;
break;
{
trusted_config = FALSE;
break;
@@
-3487,7
+3485,7
@@
if (removed_privilege && (!trusted_config || macros != NULL) &&
else
log_write(0, LOG_MAIN|LOG_PANIC,
"exim user lost privilege for using %s option",
else
log_write(0, LOG_MAIN|LOG_PANIC,
"exim user lost privilege for using %s option",
-
(int)exim_uid,
trusted_config? "-D" : "-C");
+ trusted_config? "-D" : "-C");
}
/* Start up Perl interpreter if Perl support is configured and there is a
}
/* Start up Perl interpreter if Perl support is configured and there is a