git-svn: trunk@4528
aCaB authored on 2008/12/05 01:26:58... | ... |
@@ -113,6 +113,17 @@ int main(int argc, char **argv) { |
113 | 113 |
|
114 | 114 |
opt_free(opt); |
115 | 115 |
|
116 |
+ if((cpt = cfgopt(copt, "Chroot"))->enabled) { |
|
117 |
+ if(chdir(cpt->strarg) != 0) { |
|
118 |
+ logg("!Cannot change directory to %s\n", cpt->strarg); |
|
119 |
+ return 1; |
|
120 |
+ } |
|
121 |
+ if(chroot(cpt->strarg) != 0) { |
|
122 |
+ logg("!chroot to %s failed. Are you root?\n", cpt->strarg); |
|
123 |
+ return 1; |
|
124 |
+ } |
|
125 |
+ } |
|
126 |
+ |
|
116 | 127 |
if(geteuid() == 0 && (cpt = cfgopt(copt, "User"))->enabled) { |
117 | 128 |
struct passwd *user = NULL; |
118 | 129 |
if((user = getpwnam(cpt->strarg)) == NULL) { |
... | ... |
@@ -285,10 +285,15 @@ void cpool_init(struct cfgstruct *copt) { |
285 | 285 |
|
286 | 286 |
void cpool_free(void) { |
287 | 287 |
unsigned int i; |
288 |
- for(i=0; i<cp->entries; i++) |
|
289 |
- FREESRV(cp->pool[i]); |
|
290 |
- free(cp->pool); |
|
291 |
- free(cp); |
|
288 |
+ if(cp) { |
|
289 |
+ if(cp->pool) { |
|
290 |
+ for(i=0; i<cp->entries; i++) |
|
291 |
+ FREESRV(cp->pool[i]); |
|
292 |
+ free(cp->pool); |
|
293 |
+ } |
|
294 |
+ free(cp); |
|
295 |
+ cp = NULL; |
|
296 |
+ } |
|
292 | 297 |
} |
293 | 298 |
|
294 | 299 |
|
... | ... |
@@ -45,6 +45,10 @@ Example |
45 | 45 |
# Default: no |
46 | 46 |
##Foreground yes |
47 | 47 |
|
48 |
+# Chroot to the specified directory. |
|
49 |
+# Chrooting is performed just after reading the config file and before dropping privileges. |
|
50 |
+# Default: unset (don't chroot) |
|
51 |
+#Chroot /newroot |
|
48 | 52 |
|
49 | 53 |
## |
50 | 54 |
## Clamd options |
... | ... |
@@ -84,7 +88,7 @@ Example |
84 | 84 |
# This option takes a host(name)/mask pair in CIRD notation and can be |
85 | 85 |
# repeated several times. If "/mask" is omitted, a host is assumed. |
86 | 86 |
# To specify a locally orignated, non-smtp, email use the keyword "local" |
87 |
-# Default: unset |
|
87 |
+# Default: unset (scan everything regardless of the origin) |
|
88 | 88 |
#LocalNet local |
89 | 89 |
#LocalNet 192.168.0.0/24 |
90 | 90 |
#LocalNet 1111:2222:3333::/48 |