Hi Roger, * Roger Leigh <[EMAIL PROTECTED]> [2007-11-26 12:01]: > % fetchmail > File /home/rleigh/.fetchmailrc must be a regular file. > > % pwd > /home/rleigh > > % ls -l /home/rleigh/.fetchmailrc > lrwxrwxrwx 1 rleigh rleigh 15 2007-11-25 17:14 /home/rleigh/.fetchmailrc -> > etc/fetchmailrc > > % ls -l /home/rleigh/etc/fetchmailrc > -rw------- 1 rleigh rleigh 1057 2005-05-29 13:12 /home/rleigh/etc/fetchmailrc > > I keep all my "dotfiles" in /home/rleigh/etc under revision control > (git) to allow synchronisation between different systems. There's > no reason why a symlink shouldn't be allowed here (though > pipe/device/socket devices etc. are legitimately not useful). > > > If this could be fixed and/or forwarded upstream if appropriate, that > would be super.
I had a short converstation about this with upstream. I
could patch this with:
--- rcfile_y.y 2007-11-26 13:08:52.000000000 +0100
+++ rcfile_y.y.new 2007-11-26 13:08:50.000000000 +0100
@@ -414,7 +414,7 @@
if (!securecheck) return PS_SUCCESS;
- if (!S_ISREG(statbuf.st_mode))
+ if (!S_ISREG(statbuf.st_mode) || !S_ISLNK(statbuf.st_mode))
{
fprintf(stderr, GT_("File %s must be a regular file.\n"), pathname);
return(PS_IOERR);
But this could introduce some race condition with permission or uid
checks. This behaviour also prevents symlink attacks :)
So we suggest to workaround this by either adding a hardlink (if this works
with git internals)
or executing -f - <"${HOME}/.fetchmailrc".
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpJ3BO7wwyVl.pgp
Description: PGP signature
