-/* $Cambridge: exim/src/src/exim.c,v 1.67 2010/06/06 00:27:52 pdp Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.71 2010/06/07 00:12:42 pdp Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
* Show supported features *
*************************************************/
-/* This function is called for -bV and for -d to output the optional features
-of the current Exim binary.
+/* This function is called for -bV/--version and for -d to output the optional
+features of the current Exim binary.
Arguments: a FILE for printing
Returns: nothing
fprintf(f, "%d\n", (unsigned int)fixed_never_users[i]);
}
-fprintf(f, "Size of off_t: %d\n", sizeof(off_t));
+fprintf(f, "Size of off_t: " SIZE_T_FMT "\n", sizeof(off_t));
/* This runtime check is to help diagnose library linkage mismatches which
result in segfaults and the like; as such, it's left until the end,
#ifdef EXIM_USERNAME
if (route_finduser(US EXIM_USERNAME, &pw, &exim_uid))
{
+ if (exim_uid == 0)
+ {
+ fprintf(stderr, "exim: refusing to run with uid 0 for \"%s\"\n",
+ EXIM_USERNAME);
+ exit(EXIT_FAILURE);
+ }
exim_gid = pw->pw_gid;
}
else
unprivileged = (real_uid != root_uid && original_euid != root_uid);
-/* If the first argument is --help, set usage_wanted and pretend there
-are no arguments. This will cause a brief message to be given. We do
-the message generation downstream so we can pick up how we were invoked */
-
-if (argc > 1 && Ustrcmp(argv[1], "--help") == 0)
- {
- argc = 1;
- usage_wanted = TRUE;
- }
-
/* Scan the program's arguments. Some can be dealt with right away; others are
simply recorded for checking and handling afterwards. Do a high-level switch
on the second character (the one after '-'), to save some effort. */
argrest++;
}
+ /* deal with --option_aliases */
+ else if (switchchar == '-')
+ {
+ if (Ustrcmp(argrest, "help") == 0)
+ {
+ usage_wanted = TRUE;
+ break;
+ }
+ else if (Ustrcmp(argrest, "version") == 0)
+ {
+ switchchar = 'b';
+ argrest = US"V";
+ }
+ }
+
/* High-level switch on active initial letter */
switch(switchchar)
config_main_filelist = argrest;
config_changed = TRUE;
+ trusted_config = FALSE;
}
break;
configuration file changes and macro definitions haven't happened. */
if (( /* EITHER */
- (config_changed || macros != NULL) && /* Config changed, and */
+ (!trusted_config || macros != NULL) && /* Config changed, and */
real_uid != root_uid && /* Not root, and */
#ifndef ALT_CONFIG_ROOT_ONLY /* (when not locked out) */
real_uid != exim_uid && /* Not exim, and */
built-in exim user or one defined in the configuration. In either event,
re-enable log processing, assuming the sysadmin knows what they are doing. */
-if (removed_privilege && (config_changed || macros != NULL) &&
+if (removed_privilege && (!trusted_config || macros != NULL) &&
real_uid == exim_uid)
{
#ifdef ALT_CONFIG_ROOT_ONLY
else
log_write(0, LOG_MAIN|LOG_PANIC,
"exim user (uid=%d) is defined only at runtime; privilege lost for %s",
- (int)exim_uid, config_changed? "-C" : "-D");
+ (int)exim_uid, trusted_config? "-D" : "-C");
#endif
}
/* Handle a request to scan a file for malware */
if (malware_test_file)
{
+#ifdef WITH_CONTENT_SCAN
int result;
set_process_info("scanning file for malware");
result = malware_in_file(malware_test_file);
printf("Malware found: %s\n", malware_name);
else
printf("Malware scan detected malware of unknown name.\n");
+#else
+ printf("Malware scanning not enabled at compile time.\n");
+#endif
exit(EXIT_FAILURE);
}