[Mailman-developers] wrappers: legal_caller()

Scott scott@chronis.icgroup.com
Thu, 9 Apr 1998 03:45:38 -0400 

i have installed mailman as part of pilot project to test out new
mailing list managers for work.

i had to change the ./mailman/mail/wrapper program to check for
multiple uids and gids to get the cron jobs to work properly (uid and
gid were that of mailman when sending out results).

has this been incoporated into mailmanv1.0b1.2 yet?  if not, here's a
patch to ./src/mail-wrapper.c (the same change can be applied to the
other legal_caller() functions in the wrappers):

--- src/mail-wrapper.c	Tue Jun 10 12:31:16 1997
+++ src/mail-wrappernew.c	Thu Apr  9 03:41:32 1998
@@ -37,9 +37,18 @@
   NULL /* Sentinal, don't remove */
 };
 
-/* Should make these arrays too... */
-const int  LEGAL_PARENT_UID = 8;  /* mail's UID */
-const int  LEGAL_PARENT_GID = 12; /* mail's GID */
+
+const int  LEGAL_PARENT_UIDS[] = { 
+  1,  /* mail's uid */
+  537, /* mailman's uid */
+  -1  /* Sentinel, don't remove */
+};
+
+const int  LEGAL_PARENT_GIDS[] = {
+  1,  /* mail's gid */
+  100, /* mailman's gid */
+  -1 /* Sentinel, don't remove */
+}; 
 
 
 /*
@@ -77,20 +86,45 @@
 ** is the parent process allowed to call us?
 */
 int legal_caller() {
-    /* compare to our parent's uid */
-    if(LEGAL_PARENT_UID != getuid()) 
+    int uid, gid, isok, idi;
+    isok = 0;
+    idi = 0;
+    uid = getuid();
+    while (LEGAL_PARENT_UIDS[idi] != -1) 
+      {
+	if(LEGAL_PARENT_UIDS[idi] == uid)
+	  {
+	    isok = 1;
+	    break;
+	  }
+	idi++;
+      }
+    if ( isok == 0)
       {
-	fprintf(f,"GOT UID %d.\n", getuid());
-        return 0;
+	fprintf(f,"GOT UID %d.\n", uid);
+	return 0;
       }
-    if(LEGAL_PARENT_GID != getgid())
+    isok = 0;
+    idi = 0;
+    gid = getgid();
+    while (LEGAL_PARENT_GIDS[idi] != -1) 
       {
-	fprintf(f,"GOT GID %d.\n", getgid());
-        return 0;
+	if(LEGAL_PARENT_GIDS[idi] == gid)
+	  {
+	    isok = 1;
+	    break;
+	  }
+	idi++;
+      }
+    if ( isok == 0)
+      {
+	fprintf(f,"GOT GID %d.\n", gid);
+	return 0;
       }
     return 1;
 }
 
+
 int valid_command(char *command){
   int i = 0;
 
@@ -119,7 +153,7 @@
   i = strlen(argv[1]) + strlen(COMMAND_LOCATION) + 2;
   command = (char *)malloc(sizeof(char) * i);
   sprintf(command, "%s/%s", COMMAND_LOCATION, argv[1]);
-
+  fprintf(f, "command is %s\n", command);
   if(!valid_command(argv[1])){
       fprintf(f,"Illegal command.\n");
     }



Scott Cotton
IC Group, Inc