Attachment #4075 for bug #5574

View | Details | Raw Unified | Return to bug 5574
Collapse All | Expand All

Lines 502-504 Link Here

(-)MANIFEST (+2 lines)
502	t/spamc_H.t	502	t/spamc_H.t
503	t/spamc_x_E_R.t	503	t/spamc_x_E_R.t
504	t/spamc_x_e.t	504	t/spamc_x_e.t
		505	t/root_spamd_u.t
		506	t/root_spamd_u_dcc.t

Lines 1336-1341 Link Here

(-)lib/Mail/SpamAssassin/Util.pm (+1 lines)
1336	# bug 3586: kludges needed to work around platform dependent behavior assigning to $<	1336	# bug 3586: kludges needed to work around platform dependent behavior assigning to $<
1337	# The POSIX functions deal with that so just use it here	1337	# The POSIX functions deal with that so just use it here
1338	POSIX::setuid($touid);	1338	POSIX::setuid($touid);
		1339	$< = $touid; $> = $touid; # bug 5574
1339		1340
1340	# Check that we have now accomplished the setuid: catch bug 3586 if it comes back	1341	# Check that we have now accomplished the setuid: catch bug 3586 if it comes back
1341	if ($< != $touid) {	1342	if ($< != $touid) {




#!/usr/bin/perl
#
# test for http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5574#c12 .
# run with:   sudo prove -v t/root_spamd*

use lib '.'; use lib 't';
use SATest; sa_t_init("root_spamd_u_dcc");
use Test;

use constant TEST_ENABLED => conf_bool('run_root_tests');
use constant DCC_TEST_ENABLED => conf_bool('run_dcc_tests');
use constant IS_ROOT => eval { ($> == 0); };
use constant RUN_TESTS => (TEST_ENABLED && DCC_TEST_ENABLED && IS_ROOT);

BEGIN { plan tests => (RUN_TESTS ? 23 : 0) };
exit unless RUN_TESTS;

# ---------------------------------------------------------------------------

%patterns = (
        q{ spam reported to DCC }, 'dcc report',
            );

tstpre ("

  loadplugin Mail::SpamAssassin::Plugin::DCC
  dcc_timeout 30

");

ok sarun ("-t -D info -r < data/spam/gtubedcc.eml 2>&1", \&patterns_run_cb);
# ok_all_patterns();

# ---------------------------------------------------------------------------

%patterns = (

q{ X-Spam-Status: Yes, score=}, 'status',
q{ X-Spam-Flag: YES}, 'flag',
q{ X-Spam-Level: **********}, 'stars',

);

# run spamc as unpriv uid
$spamc = "sudo -u nobody $spamc";

$SIG{ALRM} = sub { stop_spamd(); die "timed out"; };
alarm 60;
ok(start_spamd("-c -H -m1"));
alarm 0;

# run a few times to ensure that the child can process more than
# one message successfully. do not bother looking for the dcc
# result; we just want to ensure that the check did not cause
# the spamd kids to get hung
for my $try (1 .. 5) {
  $SIG{ALRM} = sub { stop_spamd(); die "timed out"; };
  alarm 10;
  ok(spamcrun("< data/spam/gtubedcc.eml", \&patterns_run_cb));
  alarm 0;
  ok_all_patterns();
}

ok(stop_spamd());

  + *




#!/usr/bin/perl

# run with:   sudo prove -v t/root_spamd*

use lib '.'; use lib 't';
use SATest; sa_t_init("root_spamd_u");
use Test;

use constant TEST_ENABLED => conf_bool('run_root_tests');
use constant IS_ROOT => eval { ($> == 0); };
use constant RUN_TESTS => (TEST_ENABLED && IS_ROOT);

BEGIN { plan tests => (RUN_TESTS ? 14 : 0) };
exit unless RUN_TESTS;

# ---------------------------------------------------------------------------

%patterns = (

q{ Return-Path: sb55sb55@yahoo.com}, 'firstline',
q{ Subject: There yours for FREE!}, 'subj',
q{ X-Spam-Status: Yes, score=}, 'status',
q{ X-Spam-Flag: YES}, 'flag',
q{ X-Spam-Level: **********}, 'stars',
q{ TEST_ENDSNUMS}, 'endsinnums',
q{ TEST_NOREALNAME}, 'noreal',
q{ This must be the very last line}, 'lastline',

);

# run spamc as unpriv uid
$spamc = "sudo -u nobody $spamc";

ok(start_spamd("-L -u nobody"));

ok(spamcrun("< data/spam/001", \&patterns_run_cb));
ok_all_patterns();

%patterns = (
q{ X-Spam-Status: Yes, score=}, 'status',
q{ X-Spam-Flag: YES}, 'flag',
             );


ok (spamcrun("< data/spam/018", \&patterns_run_cb));
ok_all_patterns();

ok(stop_spamd());
  + *

Lines 1024-1033 Link Here

(-)spamd/spamd.raw (-1 / +2 lines)
1024	# use the POSIX functions to hide the platform specific workarounds	1024	# use the POSIX functions to hide the platform specific workarounds
1025	POSIX::setgid($ugid); # set effective and real gid	1025	POSIX::setgid($ugid); # set effective and real gid
1026	POSIX::setuid($uuid); # set effective and real UID	1026	POSIX::setuid($uuid); # set effective and real UID
		1027	$< = $uuid; $> = $uuid; # bug 5574
1027		1028
1028	# keep the sanity check to catch problems like bug 3900 just in case	1029	# keep the sanity check to catch problems like bug 3900 just in case
1029	if ( $> != $uuid and $> != ( $uuid - 2**32 ) ) {	1030	if ( $> != $uuid and $> != ( $uuid - 2**32 ) ) {
1030	die "spamd: setuid to uid $uuid failed\n";	1031	die "spamd: setuid to uid $uuid failed (> = $>, < = $<)\n";
1031	}	1032	}
1032	}	1033	}
1033		1034

Return to bug 5574

Line 0 Link Here

(-)t/root_spamd_u_dcc.t (+65 lines)
		1	#!/usr/bin/perl
		2	#
		3	# test for http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5574#c12 .
		4	# run with: sudo prove -v t/root_spamd*
		5
		6	use lib '.'; use lib 't';
		7	use SATest; sa_t_init("root_spamd_u_dcc");
		8	use Test;
		9
		10	use constant TEST_ENABLED => conf_bool('run_root_tests');
		11	use constant DCC_TEST_ENABLED => conf_bool('run_dcc_tests');
		12	use constant IS_ROOT => eval { ($> == 0); };
		13	use constant RUN_TESTS => (TEST_ENABLED && DCC_TEST_ENABLED && IS_ROOT);
		14
		15	BEGIN { plan tests => (RUN_TESTS ? 23 : 0) };
		16	exit unless RUN_TESTS;
		17
		18	# ---------------------------------------------------------------------------
		19
		20	%patterns = (
		21	q{ spam reported to DCC }, 'dcc report',
		22	);
		23
		24	tstpre ("
		25
		26	loadplugin Mail::SpamAssassin::Plugin::DCC
		27	dcc_timeout 30
		28
		29	");
		30
		31	ok sarun ("-t -D info -r < data/spam/gtubedcc.eml 2>&1", \&patterns_run_cb);
		32	# ok_all_patterns();
		33
		34	# ---------------------------------------------------------------------------
		35
		36	%patterns = (
		37
		38	q{ X-Spam-Status: Yes, score=}, 'status',
		39	q{ X-Spam-Flag: YES}, 'flag',
		40	q{ X-Spam-Level: **********}, 'stars',
		41
		42	);
		43
		44	# run spamc as unpriv uid
		45	$spamc = "sudo -u nobody $spamc";
		46
		47	$SIG{ALRM} = sub { stop_spamd(); die "timed out"; };
		48	alarm 60;
		49	ok(start_spamd("-c -H -m1"));
		50	alarm 0;
		51
		52	# run a few times to ensure that the child can process more than
		53	# one message successfully. do not bother looking for the dcc
		54	# result; we just want to ensure that the check did not cause
		55	# the spamd kids to get hung
		56	for my $try (1 .. 5) {
		57	$SIG{ALRM} = sub { stop_spamd(); die "timed out"; };
		58	alarm 10;
		59	ok(spamcrun("< data/spam/gtubedcc.eml", \&patterns_run_cb));
		60	alarm 0;
		61	ok_all_patterns();
		62	}
		63
		64	ok(stop_spamd());
65
0	+ *	66	+ *

Line 0 Link Here

(-)t/root_spamd_u.t (+48 lines)
		1	#!/usr/bin/perl
		2
		3	# run with: sudo prove -v t/root_spamd*
		4
		5	use lib '.'; use lib 't';
		6	use SATest; sa_t_init("root_spamd_u");
		7	use Test;
		8
		9	use constant TEST_ENABLED => conf_bool('run_root_tests');
		10	use constant IS_ROOT => eval { ($> == 0); };
		11	use constant RUN_TESTS => (TEST_ENABLED && IS_ROOT);
		12
		13	BEGIN { plan tests => (RUN_TESTS ? 14 : 0) };
		14	exit unless RUN_TESTS;
		15
		16	# ---------------------------------------------------------------------------
		17
		18	%patterns = (
		19
		20	q{ Return-Path: sb55sb55@yahoo.com}, 'firstline',
		21	q{ Subject: There yours for FREE!}, 'subj',
		22	q{ X-Spam-Status: Yes, score=}, 'status',
		23	q{ X-Spam-Flag: YES}, 'flag',
		24	q{ X-Spam-Level: **********}, 'stars',
		25	q{ TEST_ENDSNUMS}, 'endsinnums',
		26	q{ TEST_NOREALNAME}, 'noreal',
		27	q{ This must be the very last line}, 'lastline',
		28
		29	);
		30
		31	# run spamc as unpriv uid
		32	$spamc = "sudo -u nobody $spamc";
		33
		34	ok(start_spamd("-L -u nobody"));
		35
		36	ok(spamcrun("< data/spam/001", \&patterns_run_cb));
		37	ok_all_patterns();
		38
		39	%patterns = (
		40	q{ X-Spam-Status: Yes, score=}, 'status',
		41	q{ X-Spam-Flag: YES}, 'flag',
		42	);
		43
		44
		45	ok (spamcrun("< data/spam/018", \&patterns_run_cb));
		46	ok_all_patterns();
		47
		48	ok(stop_spamd());
0	+ *	49	+ *