Re: Why fstat() in qmail-send.c:markdone()?

2000-03-19 Thread D. J. Bernstein

Fred Lindberg writes:
> It's obviously important or it wouldn't be there.

It's a variable that was used with the original qmail queue structure.
It's unused now, and can be removed safely.

---Dan



Re: Why fstat() in qmail-send.c:markdone()?

2000-03-15 Thread Fred Lindberg

On Fri, 10 Mar 2000 14:42:15 -0600, Fred Lindberg wrote:

   fd = open_write(fn.s);
   if (fd == -1) break;
   if (fstat(fd,&st) == -1) { close(fd); break; }
   if (seek_set(fd,pos) == -1) { close(fd); break; }

Ok, I get it. qmail-send doesn't trust qmailq. Without the fstat()
call, qmailq could (via symlink) cause qmail-send (root) to write to an
arbitrary location. fstat() should be faster and more portable than
temporarily dropping privileges(?).

-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
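
The symlink concern raised in the message above only goes away if the fstat() result is actually inspected before the write. The following is an added example, not qmail code and not written by anyone in this thread; mark_done_checked(), its expected_uid parameter and the demo file name are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* O_NOFOLLOW, pwrite */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not qmail code: overwrite the byte at pos with 'D'
   only if path is a regular, singly linked file owned by expected_uid.
   Returns 0 on success, -1 on any failure. */
int mark_done_checked(const char *path, off_t pos, uid_t expected_uid)
{
  struct stat st;
  int fd;

  /* O_NOFOLLOW refuses a symlink in the final path component;
     O_NONBLOCK keeps open() from hanging if path is a FIFO. */
  fd = open(path, O_WRONLY | O_NOFOLLOW | O_NONBLOCK);
  if (fd == -1) return -1;

  /* fstat() describes the object behind fd, so the checks below cannot
     be redirected by renaming or relinking path after the open(). */
  if (fstat(fd, &st) == -1) goto fail;
  if (!S_ISREG(st.st_mode)) goto fail;          /* device, FIFO, directory */
  if (st.st_uid != expected_uid) goto fail;     /* someone else's file */
  if (st.st_nlink != 1) goto fail;              /* hard-linked elsewhere */
  if (pos < 0 || pos >= st.st_size) goto fail;  /* never extend the file */

  if (pwrite(fd, "D", 1, pos) != 1) goto fail;
  return close(fd);

fail:
  close(fd);
  return -1;
}

/* Demo on a constructed file: a 'T' record marker followed by an address. */
int main(void)
{
  const char *fn = "markdone-demo.tmp";
  FILE *f = fopen(fn, "w");
  if (!f) return 1;
  fputs("Tuser@example.org", f);
  fclose(f);
  printf("mark: %d\n", mark_done_checked(fn, 0, geteuid()));
  return unlink(fn) == -1;
}
```

O_NOFOLLOW covers only the last path component, so the descriptor checks are what protect against a hostile owner of an intermediate directory.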




Re: Why fstat() in qmail-send.c:markdone()?

2000-03-15 Thread Dave Sill

"Fred Lindberg" [EMAIL PROTECTED] wrote:

> call, qmailq could (via symlink) cause qmail-send (root) to write to an

qmail-send runs as qmails, not root.

-Dave



Re: Why fstat() in qmail-send.c:markdone()?

2000-03-15 Thread Fred Lindberg

On Wed, 15 Mar 2000 11:59:11 -0500 (EST), Dave Sill wrote:

> qmail-send runs as qmails, not root.

Yes. And the file in question is owned by qmails not qmailq in a
directory writable only by qmails.

If open fails to report an error, this should become obvious in
write(). The fstat() info is not used, but if only qmails can create a
symlink and qmail-send runs as qmails, we're back to the original
question: Why is the fstat() there?


-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)




Why fstat() in qmail-send.c:markdone()?

2000-03-10 Thread Fred Lindberg

It's obviously important or it wouldn't be there. Can anyone explain
why?

From qmail-send.c: markdone():

 for (;;)
  {
   fd = open_write(fn.s);
   if (fd == -1) break;
   if (fstat(fd,&st) == -1) { close(fd); break; }
   if (seek_set(fd,pos) == -1) { close(fd); break; }
   if (write(fd,"D",1) != 1) { close(fd); break; }
   /* further errors - double delivery without us knowing about it, oh well */
   close(fd);
   return;
  }

Thanks!

-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)




Re: Why fstat() in qmail-send.c:markdone()?

2000-03-10 Thread Len Budney

"Fred Lindberg" [EMAIL PROTECTED] wrote:
> It's obviously important or it wouldn't be there. Can anyone explain
> why?

Forgive my speculation--if I'm wrong, somebody correct me! My guess is
that fstat() follows open() because of system-specific open() bugs.

On NFS, for example, open() will sometimes return a descriptor, but
subsequent write() calls will fail with EACCES. This condition can be
detected through error slippage by calling fstat(), which will also
fail with EACCES.

Len.


--
The whole point of modern `standards' is to preserve the existing
oligopoly. A few vendors band together to produce a `standard' that
is precisely the disjoint union of their existing implementations,
including all their warts.
-- Henry Baker