diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-11 12:09:57 +0100 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-11 12:09:57 +0100 |
commit | edf6beb585dc38c365ccbdaae85756b2814e1329 (patch) | |
tree | c356fda7f3397c3b3427f56a5a1584cab7e513c5 /lib/Plugins/Mailx.cpp | |
parent | 14ef0cfe72faf6696df3ef8f42927e9458ccbeeb (diff) | |
download | abrt-edf6beb585dc38c365ccbdaae85756b2814e1329.tar.gz abrt-edf6beb585dc38c365ccbdaae85756b2814e1329.tar.xz abrt-edf6beb585dc38c365ccbdaae85756b2814e1329.zip |
*: assorted fixes prompted by security analysis; more to come
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'lib/Plugins/Mailx.cpp')
-rw-r--r-- | lib/Plugins/Mailx.cpp | 33 |
1 files changed, 8 insertions, 25 deletions
diff --git a/lib/Plugins/Mailx.cpp b/lib/Plugins/Mailx.cpp index 70eddb8e..df33e84c 100644 --- a/lib/Plugins/Mailx.cpp +++ b/lib/Plugins/Mailx.cpp @@ -39,33 +39,16 @@ CMailx::CMailx() : static void exec_and_feed_input(uid_t uid, const char* pText, char **pArgs) { int pipein[2]; - pid_t child; - xpipe(pipein); - child = fork(); - if (child == -1) - { - close(pipein[0]); - close(pipein[1]); - throw CABRTException(EXCEP_PLUGIN, "Can't fork"); - } - if (child == 0) - { - close(pipein[1]); - xmove_fd(pipein[0], STDIN_FILENO); - - struct passwd* pw = getpwuid(uid); - gid_t gid = pw ? pw->pw_gid : uid; - setgroups(1, &gid); - xsetregid(gid, gid); - xsetreuid(uid, uid); - - execvp(pArgs[0], pArgs); - exit(1); /* exec failed */ - } + pid_t child = fork_execv_on_steroids( + EXECFLG_INPUT | EXECFLG_QUIET | EXECFLG_SETGUID, + pArgs, + pipein, + /*unsetenv_vec:*/ NULL, + /*dir:*/ NULL, + uid); - close(pipein[0]); - safe_write(pipein[1], pText, strlen(pText)); + full_write(pipein[1], pText, strlen(pText)); close(pipein[1]); waitpid(child, NULL, 0); /* wait for command completion */ |