If we are running as root we setuid() to the user who owns the mailbox. But I
forgot to make sure we create our temporary container directory as that user too.
This commit is contained in:
parent
3939c48518
commit
baeb03abd4
|
@ -943,17 +943,6 @@ def archive(mailbox_name):
|
||||||
os.path.basename(final_archive_name))
|
os.path.basename(final_archive_name))
|
||||||
vprint("archiving '%s' to '%s' ..." % (mailbox_name, final_archive_name))
|
vprint("archiving '%s' to '%s' ..." % (mailbox_name, final_archive_name))
|
||||||
|
|
||||||
# create a temporary directory for us to work in securely
|
|
||||||
old_temp_dir = tempfile.tempdir
|
|
||||||
tempfile.tempdir = None
|
|
||||||
new_temp_dir = tempfile.mktemp('archivemail')
|
|
||||||
assert(new_temp_dir)
|
|
||||||
os.mkdir(new_temp_dir)
|
|
||||||
_stale.temp_dir = new_temp_dir
|
|
||||||
tempfile.tempdir = new_temp_dir
|
|
||||||
|
|
||||||
vprint("set tempfile directory to '%s'" % new_temp_dir)
|
|
||||||
|
|
||||||
# check to see if we are running as root -- if so, change our effective
|
# check to see if we are running as root -- if so, change our effective
|
||||||
# userid and groupid to that of the original mailbox
|
# userid and groupid to that of the original mailbox
|
||||||
if (os.getuid() == 0) and os.path.exists(mailbox_name):
|
if (os.getuid() == 0) and os.path.exists(mailbox_name):
|
||||||
|
@ -964,6 +953,16 @@ def archive(mailbox_name):
|
||||||
vprint("changing effective user id to: %d" % mailbox_user)
|
vprint("changing effective user id to: %d" % mailbox_user)
|
||||||
os.seteuid(mailbox_user)
|
os.seteuid(mailbox_user)
|
||||||
|
|
||||||
|
# create a temporary directory for us to work in securely
|
||||||
|
old_temp_dir = tempfile.tempdir
|
||||||
|
tempfile.tempdir = None
|
||||||
|
new_temp_dir = tempfile.mktemp('archivemail')
|
||||||
|
assert(new_temp_dir)
|
||||||
|
os.mkdir(new_temp_dir)
|
||||||
|
_stale.temp_dir = new_temp_dir
|
||||||
|
tempfile.tempdir = new_temp_dir
|
||||||
|
vprint("set tempfile directory to '%s'" % new_temp_dir)
|
||||||
|
|
||||||
if os.path.islink(mailbox_name):
|
if os.path.islink(mailbox_name):
|
||||||
unexpected_error("'%s' is a symbolic link -- I feel nervous!" %
|
unexpected_error("'%s' is a symbolic link -- I feel nervous!" %
|
||||||
mailbox_name)
|
mailbox_name)
|
||||||
|
@ -982,14 +981,16 @@ def archive(mailbox_name):
|
||||||
else:
|
else:
|
||||||
user_error("'%s': no such file or directory" % mailbox_name)
|
user_error("'%s': no such file or directory" % mailbox_name)
|
||||||
|
|
||||||
|
# remove our special temp directory - hopefully empty
|
||||||
|
os.rmdir(new_temp_dir)
|
||||||
|
_stale.temp_dir = None
|
||||||
|
tempfile.tempdir = old_temp_dir
|
||||||
|
|
||||||
# if we are running as root, revert the seteuid()/setegid() above
|
# if we are running as root, revert the seteuid()/setegid() above
|
||||||
if (os.getuid() == 0):
|
if (os.getuid() == 0):
|
||||||
vprint("changing effective groupid and userid back to root")
|
vprint("changing effective groupid and userid back to root")
|
||||||
os.setegid(0)
|
os.setegid(0)
|
||||||
os.seteuid(0)
|
os.seteuid(0)
|
||||||
os.rmdir(new_temp_dir)
|
|
||||||
_stale.temp_dir = None
|
|
||||||
tempfile.tempdir = old_temp_dir
|
|
||||||
|
|
||||||
|
|
||||||
def _archive_mbox(mailbox_name, final_archive_name):
|
def _archive_mbox(mailbox_name, final_archive_name):
|
||||||
|
|
Loading…
Reference in New Issue