-/* $Cambridge: exim/src/src/buildconfig.c,v 1.10 2005/06/27 14:29:43 ph10 Exp $ */
+/* $Cambridge: exim/src/src/buildconfig.c,v 1.16 2010/06/06 02:46:13 pdp Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2009 */
/* See the file NOTICE for conditions of use and distribution. */
if (errno_quota[0] != 0)
fprintf(new, "\n#define ERRNO_QUOTA %s\n", errno_quota);
-if (strcmp(cc, "gcc") == 0 && strstr(ostype, "IRIX") != NULL)
+if (strcmp(cc, "gcc") == 0 &&
+ (strstr(ostype, "IRIX") != NULL || strstr(ostype, "AIX") != NULL))
{
fprintf(new, "\n/* This switch includes the code to fix the inet_ntoa() */");
- fprintf(new, "\n/* bug when using gcc on an IRIX system. */");
+ fprintf(new, "\n/* bug when using gcc on an IRIX or AIX system. */");
fprintf(new, "\n#define USE_INET_NTOA_FIX");
}
uid_t uid = 0;
gid_t gid = 0;
int gid_set = 0;
+ int uid_not_set = 0;
char *username = NULL;
char *groupname = NULL;
char *s;
while (isspace(*user)) user++;
username = user;
gid_set = 1;
+ uid_not_set = 1;
}
else
return 1;
}
+ /* security sanity checks
+ if ref: is being used, we can never be sure, but we can take reasonable
+ steps to filter out the most obvious ones. */
+
+ if ((!uid_not_set && uid == 0) ||
+ (strcmp(username, "root") == 0) ||
+ (strcmp(username, "toor") == 0) )
+ {
+ printf("\n*** Exim's internal user must not be root.\n\n");
+ return 1;
+ }
+
/* Output user and group names or uid/gid. When names are set, uid/gid
are set to zero but will be replaced at runtime. */
{
char *wcs = getenv("WITH_CONTENT_SCAN");
char *wod = getenv("WITH_OLD_DEMIME");
- if (wcs != NULL || wod != NULL)
+ char *dcc = getenv("EXPERIMENTAL_DCC");
+ if (wcs != NULL || wod != NULL || dcc != NULL)
fprintf(new, "#define WITH_CONTENT_SCAN yes\n");
else fprintf(new, "/* WITH_CONTENT_SCAN not set */\n");
continue;