diff options
| author | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-03-10 21:14:22 +0000 |
|---|---|---|
| committer | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-03-10 21:14:22 +0000 |
| commit | d977d409e2c564f9087b0e12e9b0c5ce98d64414 (patch) | |
| tree | b92a389cd77e1ea1c4fcf6ee3ddc4e2bf9d1415d | |
| parent | 3decf2654f5f2302ee3d797ab231eefa3c8852e9 (diff) | |
when calling external mda, use restricted environment; ok gilles@
| -rw-r--r-- | usr.sbin/smtpd/smtpd.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c index 31f173f0f33..be59f9d6108 100644 --- a/usr.sbin/smtpd/smtpd.c +++ b/usr.sbin/smtpd/smtpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.c,v 1.48 2009/03/10 19:13:28 jacekm Exp $ */ +/* $OpenBSD: smtpd.c,v 1.49 2009/03/10 21:14:21 jacekm Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -34,6 +34,7 @@ #include <fcntl.h> #include <login_cap.h> #include <paths.h> +#include <paths.h> #include <pwd.h> #include <regex.h> #include <signal.h> @@ -69,6 +70,8 @@ int parent_forward_open(char *); int check_child(pid_t, const char *); int setup_spool(uid_t, gid_t); +extern char **environ; + pid_t lka_pid = 0; pid_t mfa_pid = 0; pid_t queue_pid = 0; @@ -1096,6 +1099,7 @@ parent_external_mda(char *path, struct passwd *pw, struct batch *batchp) arglist args; char *word; struct mdaproc *mdaproc; + char *envp[2]; log_debug("executing filter as user: %s", pw->pw_name); @@ -1147,6 +1151,10 @@ parent_external_mda(char *path, struct passwd *pw, struct batch *batchp) if (closefrom(STDERR_FILENO + 1) == -1) fatal("closefrom"); + envp[0] = "PATH=" _PATH_DEFPATH; + envp[1] = (char *)NULL; + environ = envp; + execvp(args.list[0], args.list); _exit(1); } |