8f9bd2a169
commands as the majordomo user. Submitted by: Dale Clark <clark@ARSC.EDU>
211 lines
4.7 KiB
Text
211 lines
4.7 KiB
Text
--- archive2.pl Mon Jan 3 14:35:32 2000
|
|
+++ archive2.pl.new Mon Jan 3 14:36:16 2000
|
|
@@ -54,10 +54,23 @@
|
|
shift(@ARGV);
|
|
shift(@ARGV);
|
|
}
|
|
-if (! -r $cf) {
|
|
- die("$cf not readable; stopped");
|
|
+
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
}
|
|
-require "$cf";
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
+}
|
|
|
|
# All these should be in the standard PERL library
|
|
unshift(@INC, $homedir);
|
|
--- bounce-remind Mon Jan 3 14:35:32 2000
|
|
+++ bounce-remind.new Mon Jan 3 14:38:16 2000
|
|
@@ -24,10 +24,23 @@
|
|
shift(@ARGV);
|
|
shift(@ARGV);
|
|
}
|
|
-if (! -r $cf) {
|
|
- die("$cf not readable; stopped");
|
|
+
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
}
|
|
-require "$cf";
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
+}
|
|
|
|
# Go to the home directory specified by the .cf file
|
|
chdir("$homedir");
|
|
--- config-test.orig Wed Aug 27 08:17:13 1997
|
|
+++ config-test Wed Jan 5 01:41:37 2000
|
|
@@ -119,10 +119,21 @@
|
|
|
|
$cf = $ARGV[0] || $ENV{'MAJORDOMO_CF'};
|
|
|
|
-if (eval "require '$cf'") {
|
|
- &good("'require'd $cf okay.");
|
|
-} else {
|
|
- &bad("something's wrong with $cf: $@");
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
+}
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
}
|
|
|
|
foreach (@requires) {
|
|
--- digest.orig Wed Jan 5 01:44:09 2000
|
|
+++ digest Wed Jan 5 01:45:38 2000
|
|
@@ -315,7 +315,23 @@
|
|
# Read and execute the .cf file
|
|
$cf = $opt_c || $ENV{"MAJORDOMO_CF"} ||
|
|
"%%PREFIX%%/majordomo/majordomo.cf";
|
|
- require "$cf";
|
|
+
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
+}
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
+}
|
|
|
|
chdir($homedir);
|
|
|
|
--- majordomo Mon Jan 3 13:37:13 2000
|
|
+++ majordomo.new Mon Jan 3 14:15:29 2000
|
|
@@ -40,11 +40,23 @@
|
|
die "Unknown argument $ARGV[0]\n";
|
|
}
|
|
}
|
|
-if (! -r $cf) {
|
|
- die("$cf not readable; stopped");
|
|
-}
|
|
|
|
-require "$cf";
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
+}
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
+}
|
|
|
|
# Go to the home directory specified by the .cf file
|
|
chdir("$homedir") || die "chdir to $homedir failed, $!\n";
|
|
--- request-answer Mon Jan 3 14:35:32 2000
|
|
+++ request-answer.new Mon Jan 3 15:09:02 2000
|
|
@@ -20,10 +20,23 @@
|
|
shift(@ARGV);
|
|
shift(@ARGV);
|
|
}
|
|
-if (! -r $cf) {
|
|
- die("$cf not readable; stopped");
|
|
+
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
}
|
|
-require "$cf";
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
+}
|
|
|
|
chdir($homedir) || die("Can't chdir(\"$homedir\"): $!");
|
|
unshift(@INC, $homedir);
|
|
--- resend Mon Jan 3 15:14:49 2000
|
|
+++ resend.new Mon Jan 3 15:16:01 2000
|
|
@@ -56,7 +56,7 @@
|
|
if ($ARGV[0] =~ /^\@/) {
|
|
$fn = shift(@ARGV);
|
|
$fn =~ s/^@//;
|
|
- open(AV, $fn) || die("open(AV, \"$fn\"): $!\nStopped");
|
|
+ sysopen(AV, $fn, O_RDONLY) || die("sysopen(AV, \"$fn\", O_RDONLY): $!\nStopped");
|
|
undef($/); # set input field separator
|
|
$av = <AV>; # read whole file into string
|
|
close(AV);
|
|
@@ -84,11 +84,23 @@
|
|
# Despite not having a place to send the remains of the body,
|
|
# it would be nice to send a message to root or postmaster, at least...
|
|
#
|
|
-if (! -r $cf) {
|
|
- die("$cf not readable; stopped");
|
|
-}
|
|
|
|
-require "$cf";
|
|
+if (not sysopen CONFIG,$cf,O_RDONLY)
|
|
+{
|
|
+ die sprintf qq|Unable to sysopen config file "$cf"%s.\n|,$! ? ": $!" : '';
|
|
+}
|
|
+elsif ((stat CONFIG)[4] != $>)
|
|
+{
|
|
+ die qq|Config file "$cf" not owned by effective UID.\n|;
|
|
+}
|
|
+elsif (eval(join '',<CONFIG>),$@)
|
|
+{
|
|
+ die qq|Unable to eval "$cf": $@.\n|;
|
|
+}
|
|
+else
|
|
+{
|
|
+ close CONFIG;
|
|
+}
|
|
|
|
chdir($homedir) || die("Can't chdir(\"$homedir\"): $!");
|
|
|