The good old "permission denied", the ignored group memberships, and a proposed solution
Henrik K
hege at hege.li
Sun May 16 17:57:49 CEST 2021
On Sun, May 16, 2021 at 05:32:18PM +0200, Luc Pardon wrote:
> >
> > Just copy code from SpamAssassin for example, it's worked for a
> > decade everywhere:
>
> One would think that a decade would be plenty of time to get it copied
> over into amavisd <g>.
>
> Seriously, thanks for the pointer. It makes interesting reading for
> somebody like me who is not a native Perl speaker.
Well, old lazy code is also a bad thing. I already noticed there's suspect
matching, $members =~ /\b$user\b/ might falsely match group names containing
underscores (it's a word boundary..). Fixed it to be more strict..
> >
> > https://metacpan.org/release/Mail-SpamAssassin/source/lib/Mail/SpamAssassin/Util.pm
> >
> > Have a look at get_user_groups() and setuid_to_euid() which sets $) /
> > $supgs.
>
> The major problem that I have with assigning to $) is Perl bug RT
> #134169 :
>
> https://rt-archive.perl.org/perl5/Ticket/Display.html?id=134169
Thanks for the pointer, I'll see if something should be enhanced in SA. The
codebase is already full of silly perl bug workarounds..
More information about the amavis-users
mailing list