git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@1064 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/11/05 19:07:45... | ... |
@@ -79,6 +79,7 @@ Martin Blapp <mb*imp.ch> |
79 | 79 |
Igor Brezac <igor*ipass.net> |
80 | 80 |
Mike Brudenell <pmb1*york.ac.uk> |
81 | 81 |
Len Budney <lbudney*pobox.com> |
82 |
+Ales Casar <casar*uni-mb.si> |
|
82 | 83 |
David Champion <dgc*uchicago.edu> |
83 | 84 |
Andrey Cherezov <andrey*cherezov.koenig.su> |
84 | 85 |
Alex Cherney <alex*cher.id.au> |
... | ... |
@@ -116,6 +117,7 @@ Martin Kraft <martin.kraft*fal.de> |
116 | 116 |
Thomas Lamy <Thomas.Lamy*in-online.net> |
117 | 117 |
Marty Lee <marty*maui.co.uk> |
118 | 118 |
Peter N Lewis <peter*stairways.com.au> |
119 |
+Roger Lucas <roger*planbit.co.uk> |
|
119 | 120 |
David S. Madole <david*madole.net> |
120 | 121 |
Joe Maimon <jmaimon*ttec.com> |
121 | 122 |
Andrey V. Malyshev <amal*krasn.ru> |
... | ... |
@@ -1,3 +1,8 @@ |
1 |
+Fri Nov 5 11:04:45 CET 2004 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * freshclam: add support for AllowSupplementaryGroups (patch by Ales Casar |
|
4 |
+ <casar*uni-mb.si>) |
|
5 |
+ |
|
1 | 6 |
Fri Nov 5 09:44:43 CET 2004 (tk) |
2 | 7 |
--------------------------------- |
3 | 8 |
* add UPGRADE file |
... | ... |
@@ -90,7 +95,7 @@ Wed Oct 27 09:30:47 BST 2004 (trog) |
90 | 90 |
Wed Oct 27 07:36:49 BST 2004 (njh) |
91 | 91 |
---------------------------------- |
92 | 92 |
* libclamav/untar.c: Handle links to another file already archived, patch |
93 |
- by "Roger Lucas" <roger@planbit.co.uk> |
|
93 |
+ by "Roger Lucas" <roger*planbit.co.uk> |
|
94 | 94 |
|
95 | 95 |
Sun Oct 24 05:36:39 BST 2004 (njh) |
96 | 96 |
---------------------------------- |
... | ... |
@@ -112,7 +117,7 @@ Fri Oct 22 18:20:03 BST 2004 (njh) |
112 | 112 |
---------------------------------- |
113 | 113 |
* libclamav/message.c: Handle broken messages which state |
114 | 114 |
Content-Transfer-Encoding: us-ascii |
115 |
- reported by arny@arny.ro |
|
115 |
+ reported by arny*arny.ro |
|
116 | 116 |
|
117 | 117 |
Fri Oct 22 16:57:13 BST 2004 (njh) |
118 | 118 |
---------------------------------- |
... | ... |
@@ -28,6 +28,11 @@ If this option is set freshclam will not run. |
28 | 28 |
When started by root, drop privileges to a specified user. .br |
29 | 29 |
Default: @CLAMAVUSER@ |
30 | 30 |
.TP |
31 |
+\fBAllowSupplementaryGroups\fR |
|
32 |
+Initialize supplementary group access (freshclam must be started by root). |
|
33 |
+.br |
|
34 |
+Default: disabled |
|
35 |
+.TP |
|
31 | 36 |
\fBDatabaseDirectory STRING\fR |
32 | 37 |
Path to a directory containing database files. |
33 | 38 |
.br |
... | ... |
@@ -39,6 +39,10 @@ Example |
39 | 39 |
# Default: clamav (may depend on installation options) |
40 | 40 |
#DatabaseOwner clamav |
41 | 41 |
|
42 |
+# Initialize supplementary group access (freshclam must be started by root). |
|
43 |
+# Default: disabled |
|
44 |
+#AllowSupplementaryGroups |
|
45 |
+ |
|
42 | 46 |
# Use DNS to verify virus database version. Freshclam uses DNS TXT records |
43 | 47 |
# to verify database and software versions. We highly recommend enabling |
44 | 48 |
# this option. |
... | ... |
@@ -155,12 +155,21 @@ int freshclam(struct optstruct *opt) |
155 | 155 |
exit(60); /* this is critical problem, so we just exit here */ |
156 | 156 |
} |
157 | 157 |
|
158 |
+ if(cfgopt(copt, "AllowSupplementaryGroups")) { |
|
159 |
+#ifdef HAVE_INITGROUPS |
|
160 |
+ if(initgroups(unpuser, user->pw_gid)) { |
|
161 |
+ mprintf("@initgroups() failed.\n"); |
|
162 |
+ exit(61); |
|
163 |
+ } |
|
164 |
+#endif |
|
165 |
+ } else { |
|
158 | 166 |
#ifdef HAVE_SETGROUPS |
159 |
- if(setgroups(1, &user->pw_gid)) { |
|
160 |
- mprintf("@setgroups() failed.\n"); |
|
161 |
- exit(61); |
|
162 |
- } |
|
167 |
+ if(setgroups(1, &user->pw_gid)) { |
|
168 |
+ mprintf("@setgroups() failed.\n"); |
|
169 |
+ exit(61); |
|
170 |
+ } |
|
163 | 171 |
#endif |
172 |
+ } |
|
164 | 173 |
|
165 | 174 |
if(setgid(user->pw_gid)) { |
166 | 175 |
mprintf("@setgid(%d) failed.\n", (int) user->pw_gid); |