-/* $Cambridge: exim/src/src/exim.c,v 1.25 2005/08/23 10:29:10 ph10 Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.35 2006/02/22 14:46:44 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2006 */
/* See the file NOTICE for conditions of use and distribution. */
+/*************************************************
+* Call fopen() with umask 777 and adjust mode *
+*************************************************/
+
+/* Exim runs with umask(0) so that files created with open() have the mode that
+is specified in the open() call. However, there are some files, typically in
+the spool directory, that are created with fopen(). They end up world-writeable
+if no precautions are taken. Although the spool directory is not accessible to
+the world, this is an untidiness. So this is a wrapper function for fopen()
+that sorts out the mode of the created file.
+
+Arguments:
+ filename the file name
+ options the fopen() options
+ mode the required mode
+
+Returns: the fopened FILE or NULL
+*/
+
+FILE *
+modefopen(uschar *filename, char *options, mode_t mode)
+{
+FILE *f;
+umask(0777);
+f = Ufopen(filename, options);
+umask(0);
+if (f != NULL) (void)fchmod(fileno(f), mode);
+return f;
+}
+
+
+
+
/*************************************************
* Ensure stdin, stdout, and stderr exist *
*************************************************/
#endif
fprintf(f, "Support for:");
+#ifdef SUPPORT_CRYPTEQ
+ fprintf(f, " crypteq");
+#endif
#if HAVE_ICONV
fprintf(f, " iconv()");
#endif
#if HAVE_IPV6
fprintf(f, " IPv6");
#endif
+#ifdef HAVE_LOGIN_CAP
+ fprintf(f, " use_classresources");
+#endif
#ifdef SUPPORT_PAM
fprintf(f, " PAM");
#endif
fprintf(f, " OpenSSL");
#endif
#endif
+#ifdef SUPPORT_TRANSLATE_IP_ADDRESS
+ fprintf(f, " translate_ip_address");
+#endif
+#ifdef SUPPORT_MOVE_FROZEN_MESSAGES
+ fprintf(f, " move_frozen_messages");
+#endif
#ifdef WITH_CONTENT_SCAN
fprintf(f, " Content_Scanning");
#endif
fprintf(f, "%d:", (unsigned int)fixed_never_users[i]);
fprintf(f, "%d\n", (unsigned int)fixed_never_users[i]);
}
+
+fprintf(f, "Size of off_t: %d\n", sizeof(off_t));
}
message_id = message_id_external + 1;
message_id[0] = 0;
-/* Set the umask to zero so that any files that Exim creates are created
-with the modes that it specifies. */
+/* Set the umask to zero so that any files that Exim creates using open() are
+created with the modes that it specifies. NOTE: Files created with fopen() have
+a problem, which was not recognized till rather late (February 2006). With this
+umask, such files will be world writeable. (They are all content scanning files
+in the spool directory, which isn't world-accessible, so this is not a
+disaster, but it's untidy.) I don't want to change this overall setting,
+however, because it will interact badly with the open() calls. Instead, there's
+now a function called modefopen() that fiddles with the umask while calling
+fopen(). */
umask(0);
{ badarg = TRUE; break; }
}
originator_name = argrest;
+ sender_name_forced = TRUE;
break;
/* If we cannot get a user login, log the incident and give up, unless the
configuration specifies something to use. When running in the test harness,
-any setting of unknown_login overrides the actual login name. */
+any setting of unknown_login overrides the actual name. */
if (originator_login == NULL || running_in_test_harness)
{
close_unwanted(); /* Close unwanted file descriptors and TLS */
exim_nullstd(); /* Ensure std{in,out,err} exist */
- /* Occasionally in the test harness we don't have synchronous delivery
- set (can happen with bounces). In that case, let the old process finish
- before continuing, to keep the debug output the same. */
-
- if (running_in_test_harness && !synchronous_delivery) millisleep(100);
-
/* Re-exec Exim if we need to regain privilege (note: in mua_wrapper
mode, deliver_drop_privilege is forced TRUE). */
git://git.exim.org / exim.git / blobdiff