diff options
author | Kyle Evans <kevans@FreeBSD.org> | 2024-08-05 18:43:56 +0000 |
---|---|---|
committer | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 21:31:57 +0000 |
commit | 86d01789bf412b216b11021c44b60f93f6af8955 (patch) | |
tree | 0d01ffadd0fb5a48864694e3e6206c0a68f6e8c2 | |
parent | 57d27c4dc3fe4cb2b5762995a22ae72f980a5b62 (diff) | |
download | src-86d01789bf412b216b11021c44b60f93f6af8955.tar.gz src-86d01789bf412b216b11021c44b60f93f6af8955.zip |
calendar: don't setlogin(2) in the -a user handlers
As of e67975d331 ("Fix 'calendar -a' in several ways."), `calendar -a`
will now fork off a new process for each user and do all of its own
processing in the user's own context.
As a side-effect, calendar(1) started calling setlogin(2) in each of the
forked processes and inadvertently hijacked the login name for the
session it was running under, which was typically not a fresh session
but rather that of whatever cron/periodic run spawned it. Thus, daily
and security e-mails started coming from completely arbitrary user.
We could create a new session, but it appears that nothing calendar(1)
does really needs the login name to be clobbered; opt to just avoid the
setlogin(2) call entirely rather than incur the overhead of a new
session for each process.
PR: 280418
Reviewed by: des, olce
Fixes: e67975d331 ("Fix 'calendar -a' in several ways.")
(cherry picked from commit 6cb8b61efe8899ee9194563108d0ae90c1eb89e3)
(cherry picked from commit 33708452aaabca205d81eceb83e0813e5882815c)
Approved by: so
-rw-r--r-- | usr.bin/calendar/calendar.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr.bin/calendar/calendar.c b/usr.bin/calendar/calendar.c index 476c0495d218..2e3baee7d57f 100644 --- a/usr.bin/calendar/calendar.c +++ b/usr.bin/calendar/calendar.c @@ -224,7 +224,7 @@ main(int argc, char *argv[]) lc = login_getpwclass(pw); if (setusercontext(lc, pw, pw->pw_uid, - LOGIN_SETALL) != 0) + LOGIN_SETALL & ~LOGIN_SETLOGIN) != 0) errx(1, "setusercontext"); setenv("HOME", pw->pw_dir, 1); cal(); |