dovecot - Sep 2006 - RC7: BUG! and patch [Was: Re: rc7 bug? [Was: deliver LDA and INBOX location] (fwd)] (fwd)

Could someone confirm, please, that this bug report and its proposed fix
are being checked?

1. Is my analysis (message below) about right?
2. Is my proposed patch (attached) about right?
3. Is this being addressed for "rc8" (or whatever) and its successors?

Many thanks.

-- 

:  David Lee                                I.T. Service          :
:  Senior Systems Programmer                Computer Centre       :
:                                           Durham University     :
:  http://www.dur.ac.uk/t.d.lee/            South Road            :
:                                           Durham DH1 3LE        :
:  Phone: +44 191 334 2752                  U.K.                  :

---------- Forwarded message ----------
Date: Tue, 5 Sep 2006 16:40:00 +0100 (BST)
From: David Lee <t.d.lee at durham.ac.uk>
To: dovecot at dovecot.org
Subject: [Dovecot] RC7: BUG! and patch [Was: Re: rc7 bug? [Was: deliver LDA
    and INBOX location] (fwd)]

On Tue, 5 Sep 2006, David Lee wrote:
> Anyone had any thoughts on the item below? [see earlier in thread]
>
> If the problem is with my config, I'd like to be guided towards how I
> might resolve it.
>
> If it is a bug in rc7, it would be good to fix it, and I'd be happy to
> beta-test.
BUG in rc7 (and probably from much earlier).

The LDA 'deliver' fails to honour any uid (%i) setting in dovecot.conf.
So delivery and reading happen in different places if 'default_mail_env'
uses a '%i' variant.  Clearly incorrect behaviour.

Attached is a draft of a patch which fixes the problem.  Please could the
patch be reviewed and, in some form, applied?

Thanks.

-- 

:  David Lee                                I.T. Service          :
:  Senior Systems Programmer                Computer Centre       :
:                                           Durham University     :
:  http://www.dur.ac.uk/t.d.lee/            South Road            :
:                                           Durham DH1 3LE        :
:  Phone: +44 191 334 2752                  U.K.                  :
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: uid.patch
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060915/9543889f/attachment.pl>

David Lee wrote:
> Could someone confirm, please, that this bug report and its proposed fix
> are being checked?
>
> 1. Is my analysis (message below) about right?
> 2. Is my proposed patch (attached) about right?
> 3. Is this being addressed for "rc8" (or whatever) and its
successors?
>   
Timo said recently that since he's moved, and with his day job keeping
him flat out at the moment, etc, there's not going to be a great deal of
Dovecot activity until all of that settles.  I expect you will get a
resoponse from him on this at some stage, but don't be upset if it's not
immediately right now.

Cheers,
Pete

On Fri, 2006-09-15 at 14:59 +0100, David Lee wrote:
> Could someone confirm, please, that this bug report and its proposed fix
> are being checked?
> 
> 1. Is my analysis (message below) about right?
> 2. Is my proposed patch (attached) about right?
> 3. Is this being addressed for "rc8" (or whatever) and its
successors?
+       /* get user's details (in particular, the real uid) */
+       upw = getpwnam(user);
+       if (upw == NULL) {
+               i_fatal("Couldn't lookup user's details
(user=%s)", user);
+       }
+       uid = upw->pw_uid;

This is wrong, because it doesn't work with virtual users. The uid is
already looked up from userdb and either it's the same as the user who's
runnning deliver, or if deliver is run as root the privileges are
dropped. In either case you can get the uid with just geteuid() call.

I think this should work (not tested though):

http://dovecot.org/list/dovecot-cvs/2006-September/006408.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060922/645da7de/attachment.bin>

On Fri, 22 Sep 2006, Timo Sirainen wrote:
> On Fri, 2006-09-15 at 14:59 +0100, David Lee wrote:
> > Could someone confirm, please, that this bug report and its proposed
fix
> > are being checked?
> >
> > 1. Is my analysis (message below) about right?
> > 2. Is my proposed patch (attached) about right?
> > 3. Is this being addressed for "rc8" (or whatever) and its
successors?
>
> +       /* get user's details (in particular, the real uid) */
> +       upw = getpwnam(user);
> +       if (upw == NULL) {
> +               i_fatal("Couldn't lookup user's details
(user=%s)", user);
> +       }
> +       uid = upw->pw_uid;
>
> This is wrong, because it doesn't work with virtual users. The uid is
> already looked up from userdb and either it's the same as the user
who's
> runnning deliver, or if deliver is run as root the privileges are
> dropped. In either case you can get the uid with just geteuid() call.
>
> I think this should work (not tested though):
>
> http://dovecot.org/list/dovecot-cvs/2006-September/006408.html
Many thanks.

I (a dovecot newbie, so unaware of the "virtual user" subtleties) have
just tried your version in our environment: it seems to fix the bug we had
encountered.


-- 

:  David Lee                                I.T. Service          :
:  Senior Systems Programmer                Computer Centre       :
:                                           Durham University     :
:  http://www.dur.ac.uk/t.d.lee/            South Road            :
:                                           Durham DH1 3LE        :
:  Phone: +44 191 334 2752                  U.K.                  :