comsat: Don't read arbitrary files

Description

comsat: Don't read arbitrary files

When processing a notification, instead of accepting any file name
that doesn't begin with a slash, accept only file names that don't
contain any slashes at all. This makes it possible to notify a
user about a mailbox that doesn't bear their name, as long as they
are permitted to read it, but prevents comsat from reading files
outside the mail spool.

PR: 270404
MFC after: 1 week
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D51580

(cherry picked from commit 4a4338d94401f0012380d4f1a4d332bd6d44fa8e)

comsat: Don't return from the child

Fixes: 91629228e3df
MFC after: 1 week
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D51581

(cherry picked from commit e40a2c4927a8068d7b6adee69c90ae3be8efc4df)
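
The rule change described in the first commit message above, as an added example that is not comsat's own code. It compares the two acceptance rules on constructed file names; `SPOOL_DIR`, the function names and the sample names are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed spool directory for this example. */
#define SPOOL_DIR "/var/mail"

/* Rule before the change: any name that does not begin with a slash. */
static int
accept_before(const char *name)
{
	return (name[0] != '/');
}

/* Rule after the change: only names with no slash anywhere. */
static int
accept_after(const char *name)
{
	return (strchr(name, '/') == NULL);
}

/*
 * Build the path that would be opened for a notification, using the
 * stricter rule.  Returns 0 on success, -1 if the name is rejected or
 * the result does not fit.  Rejecting the empty name is an extra check
 * of this example, not something the commit message states.
 */
static int
spool_path(const char *name, char *buf, size_t len)
{
	int n;

	if (name[0] == '\0' || !accept_after(name))
		return (-1);
	n = snprintf(buf, len, "%s/%s", SPOOL_DIR, name);
	return ((n < 0 || (size_t)n >= len) ? -1 : 0);
}

int
main(void)
{
	/* Constructed sample names, not taken from the page. */
	const char *names[] = { "alice", "shared-box", "/etc/motd",
	    "../outside/file", "sub/dir/file" };
	char path[256];

	for (size_t i = 0; i < sizeof(names) / sizeof(names[0]); i++)
		printf("%-16s before=%d after=%d path=%s\n", names[i],
		    accept_before(names[i]), accept_after(names[i]),
		    spool_path(names[i], path, sizeof(path)) == 0 ?
		    path : "(rejected)");
	return (0);
}
```

A name such as `shared-box` is still accepted under the stricter rule, which matches the commit message's point that a user can be notified about a mailbox that does not bear their name.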

Details

Provenance
des Authored on Jul 28 2025, 3:28 PM
Reviewer
emaste
Differential Revision
D51580: comsat: Don't read arbitrary files
Parents
rG1501ecebf5af: comsat: Improve use of setuid()