Mail Archives: cygwin/2014/07/24/17:38:40

To: cygwin AT cygwin DOT com
From: "D. Boland" <daniel AT boland DOT nl>
Subject: Re: The eternal uid issue
Date: Thu, 24 Jul 2014 23:42:37 +0200
Lines: 75
Message-ID: <53D17DCD.726524E0@boland.nl>
References: <53CF6CEC DOT 6D68E485 AT boland DOT nl> <20140723091409 DOT GH27005 AT calimero DOT vinschen DOT de> <53CF9E0F DOT F596FC60 AT boland DOT nl> <20140723152357 DOT GA24446 AT calimero DOT vinschen DOT de> <53D0AD3A DOT 1FDF0B3F AT boland DOT nl> <20140724135222 DOT GD12212 AT calimero DOT vinschen DOT de>

Hi Corinna,

Corinna Vinschen wrote:
> > But this only introduces a new function which she has to put into multiple locations
> > of the original code. So again, why not just modify the 'getuid' function in
> > cygwin1.dll to return '0' if the current user is actually SYSTEM or one of the
> > administrators?
> >
> > Then you have rock-solid emulation. I would not have to modify a single line of
> > code.
> 
> You're kidding, right?  

Haha. I must admit that I was not kidding. I got stuck with the idea that "there can
only be one". 

> What about code like this:
> 
>   struct stat st;
>   stat("foo", &st);
>   if (st.st_uid != getuid ())
>     /*error*/
>   else
>     /*do something*/
> 
> I'm not saying that this is overly elegant coding, but just as you
> expect that getuid() returns 0 for any admin, other applications will
> expect that getuid() reflects reality.
> 
> Why don't you just override getuid in your application to serve the
> applications needs?
> 
>   #ifdef __CYGWIN__
>   #define getuid()      CYG_getuid()
>   #endif
> 
>   [...]
> 
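>   #ifdef __CYGWIN__
>   #include <limits.h>
>   #include <unistd.h>
>   #undef getuid
>   uid_t
>   CYG_getuid ()
>   {
>     /* Return 0 for any admin user, i.e. when getgroups()
>        contains group 544. */
>     gid_t groups[NGROUPS_MAX];
>     int i, n = getgroups (NGROUPS_MAX, groups);
>     for (i = 0; i < n; i++)
>       if (groups[i] == 544)
>         return 0;
>     return getuid ();
>   }
>   #endif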
> 
> But be careful.  Just because there are multiple users with admin
> permissions, that doesn't mean they all want their mail in the same
> mailbox for user 0...

Thanks for the overloading code. I already tested it. Now I can leave the Sendmail
code (almost) unchanged. Thanks also for the time you put into this. I hope the
RedHat people pay you well.

I have Sendmail ready to be released, but only the 'crude' version (running as an
admin user). I'd like to go for the preferred solution (starting as admin, switching
to unprivileged). The uid issue is sorted. But to get it there, I have one final
problem to solve.

Sendmail checks if the users' home directories are group- or world-writable. It does
this with 'stat'. If Sendmail is running in 'crude' mode (main program and children
running as the Sendmail 'smmsp' user, made admin), stat returns the right file mode
for my home directory (rwxr-xr-x). The email is delivered.

If I have Sendmail running in preferred mode (main program as cyg_server, children
running as 'smmsp', removed from admin group), stat returns the wrong mode
(rwxrwxrwx). As a consequence, Sendmail refuses to deliver email.

Can I do anything about this?

Sincerely,
Daniel
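
The home-directory check described in this message, as an added example that is not part of the original post and is not Sendmail's own code: it calls stat on a directory, renders the permission bits the way the message quotes them, and flags group or world write access. The function names are hypothetical; with no arguments it evaluates the two modes quoted above, and with paths as arguments it reports what stat returns for the account it runs under.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Render the nine permission bits as e.g. "rwxr-xr-x"; buf holds 10 bytes. */
static void mode_string(mode_t m, char buf[10])
{
    static const mode_t bits[9] = { S_IRUSR, S_IWUSR, S_IXUSR,
                                    S_IRGRP, S_IWGRP, S_IXGRP,
                                    S_IROTH, S_IWOTH, S_IXOTH };
    for (int i = 0; i < 9; i++)
        buf[i] = (m & bits[i]) ? "rwx"[i % 3] : '-';
    buf[9] = '\0';
}

/* 1 if group or others may write (delivery would be refused), else 0. */
static int mode_is_unsafe(mode_t m)
{
    return (m & (S_IWGRP | S_IWOTH)) != 0;
}

/* stat() a directory: -1 if it cannot be examined, otherwise the result
   of mode_is_unsafe(), with the mode text stored in buf. */
static int check_home_dir(const char *path, char buf[10])
{
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISDIR(st.st_mode))
        return -1;
    mode_string(st.st_mode, buf);
    return mode_is_unsafe(st.st_mode);
}

int main(int argc, char **argv)
{
    char buf[10];
    mode_t samples[2] = { 0755, 0777 };  /* the two modes quoted in the message */
    for (int i = 0; argc == 1 && i < 2; i++) {
        mode_string(samples[i], buf);
        printf("%s -> %s\n", buf, mode_is_unsafe(samples[i]) ? "refuse" : "deliver");
    }
    for (int i = 1; i < argc; i++) {
        int r = check_home_dir(argv[i], buf);
        if (r < 0)
            printf("%s: cannot be examined as a directory\n", argv[i]);
        else
            printf("%s: %s -> %s\n", argv[i], buf, r ? "refuse" : "deliver");
    }
    return 0;
}
```

Running it once as the admin account and once as the unprivileged account on the same directory shows whether the two see different modes.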

