September 2, 2019 5:23 PM, "Martijn van Duren" <[email protected]> wrote:
> Gilles should probably elaborate, but the way things are now is that > system(3) is used to start the filters, allowing us to run any arbitrary > (set of) command(s) as a filter. > > Since the filters now in ports are non-interactive commands I proposed > to move them to /usr/local/libexec/smtpd, which gilles@ is a proponent > of. This however means that all filters need to be specified by a full > path, which is not something I would promote. > > Hence the proposition of this diff. > I don't feel comfortable adding that path to PATH, even if we're going to call system() right behind. Why not detect if the command starts with '/' and prepend libexec directory if that's not the case ? > On 9/2/19 5:13 PM, Theo de Raadt wrote: > >> This seems really unconvenitional. >> >> PATH is normally used by interactive commands, or scripts which want >> easily accessible programs. libexec has traditionally been excluded. >> The idea is that programs which need things in libexec, must hardcode >> the path. Intentionally. This is a subdirectory of libexec, probably >> trying to follow the same pattern. So why is it not excluded in the same >> way? >> >> Second questoin: are filter programs going to be in /bin or /usr/sbin? >> If not, why is /bin on this PATH you are defining? >> >> It smell execvp abuse. >> >> Martijn van Duren <[email protected]> wrote: >> >>> With filters most likely defaulting to /usr/local/libexec/smtpd in the >>> near future I would like to add this as the default PATH, followed by >>> the usual suspects. I left the usual suspects in place because people >>> have shown they already implement filters in awk and probably will do >>> so in /bin/sh in the future, which will need all the other paths. >>> >>> I put it in PATH_FILTER, so it can easily be altered for portable >>> where sysadmins may decide to change the path for filters or for >>> us if we ever want anything in base under /usr/libexec/smtpd. >>> >>> OK? >>> >>> martijn@ >>> >>> Index: smtpd.c >>> =================================================================== >>> RCS file: /cvs/src/usr.sbin/smtpd/smtpd.c,v >>> retrieving revision 1.324 >>> diff -u -p -r1.324 smtpd.c >>> --- smtpd.c 26 Jul 2019 07:08:34 -0000 1.324 >>> +++ smtpd.c 2 Sep 2019 15:00:47 -0000 >>> @@ -1350,6 +1350,7 @@ fork_processor(const char *name, const c >>> */ >>> if (read(STDERR_FILENO, &buf, 1) != 0) >>> errx(1, "lka didn't properly close write end of error socket"); >>> + setenv("PATH", PATH_FILTER, 1); >>> if (system(command) == -1) >>> err(1, NULL); >>> >>> Index: smtpd.h >>> =================================================================== >>> RCS file: /cvs/src/usr.sbin/smtpd/smtpd.h,v >>> retrieving revision 1.633 >>> diff -u -p -r1.633 smtpd.h >>> --- smtpd.h 28 Aug 2019 15:50:36 -0000 1.633 >>> +++ smtpd.h 2 Sep 2019 15:00:47 -0000 >>> @@ -56,6 +56,7 @@ >>> #define SMTPD_BACKLOG 5 >>> >>> #define PATH_SMTPCTL "/usr/sbin/smtpctl" >>> +#define PATH_FILTER "/usr/local/libexec/smtpd:" _PATH_DEFPATH >>> >>> #define PATH_OFFLINE "/offline" >>> #define PATH_PURGE "/purge"
