netbsd-bugs: bin/7980: comsat doesn't play too well with procmail

Subject: bin/7980: comsat doesn't play too well with procmail
To: None <gnats-bugs@gnats.netbsd.org>
From: TheMan <andrew@untraceable.net>
List: netbsd-bugs
Date: 07/13/1999 11:51:08
>Number:         7980
>Category:       bin
>Synopsis:       procmail's biff messages are not entirely understood by comsat
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Jul 13 11:50:00 1999
>Last-Modified:
>Originator:     TheMan
>Organization:
just me
>Release:        1.3.3 (and current as well)
>Environment:
	
System: NetBSD noc 1.3.3 NetBSD 1.3.3 (LINGAM) #11: Wed Jun 30 23:59:08 EDT 1999 root@:/usr/src/sys/arch/i386/compile/LINGAM i386


>Description:

procmail sends messages of the form

	username@offset:/path/to/modified/folder

to comsat when new mail is delivered to a mail folder.  this is all
find and well if you (a) have comsat turned off, or (b) have biff
turned off, or even (c) have comsat turned off in your .procmailrc
file.  if you turn it on, however, you will soon notice sporadic
messages crossing your screen about new mail that you don't seem to
have.  this is because procmail knows you've gotten new mail, but
didn't put it in your system inbox.

also...the included patch adds a check to see that the file opened
belongs to the user being notified, and changes the comment in the
bugs section of the man page from

     comsat runs as root so that it can open the users maildrop.

to

     comsat runs as root so that it can setuid to the user in order to open
     the user's maildrop.

>How-To-Repeat:

install procmail.  configure procmail thusly:

% cd $HOME
% cat << EOF > .procmailrc
MAILDIR=\$HOME/Mail
:0:
* ^From netbsd-bugs.*@netbsd.org
IN.netbsd.netbsd-bugs
EOF

change your .forward to use procmail

% cat << EOF > .forward
"|IFS=' '&&exec /usr/local/bin/procmail||exit 75 #yourname"
EOF

wait.  when you get mail on the netbsd-bugs list, you will be notified
by biff about mail in your system mailbox, along with snippets of a
message in your main mailbox.

>Fix:

patch attached.  the changes i made to comsat.8 might need a little
going over.  my language is not the best today for some reason.

--- comsat.c-orig	Mon Jul  6 07:09:06 1998
+++ comsat.c	Tue Jul 13 12:39:01 1999
@@ -79,9 +79,9 @@
 time_t	lastmsgtime;
 int	nutmp, uf;
 
-void jkfprintf __P((FILE *, char[], off_t));
+void jkfprintf __P((FILE *, char[], off_t, char *));
 void mailfor __P((char *));
-void notify __P((struct utmp *, off_t));
+void notify __P((struct utmp *, off_t, char *));
 void onalrm __P((int));
 void reapchildren __P((int));
 int main __P((int, char *[]));
@@ -193,24 +193,27 @@
 	char *name;
 {
 	struct utmp *utp = &utmp[nutmp];
-	char *cp;
+	char *cp, *folder;
 	off_t offset;
 
 	if (!(cp = strchr(name, '@')))
 		return;
 	*cp = '\0';
 	offset = atoi(cp + 1);
+	if ((folder = strchr(cp + 1, ':')))
+		folder += 1;
 	while (--utp >= utmp)
 		if (!strncmp(utp->ut_name, name, sizeof(utmp[0].ut_name)))
-			notify(utp, offset);
+			notify(utp, offset, folder);
 }
 
 static char *cr;
 
 void
-notify(utp, offset)
+notify(utp, offset, folder)
 	struct utmp *utp;
 	off_t offset;
+	char *folder;
 {
 	FILE *tp;
 	struct passwd *p;
@@ -258,24 +261,38 @@
 	if (logging)
 		syslog(LOG_INFO, "biff message for %s", name);
 
-	(void)fprintf(tp, "%s\007New mail for %s@%.*s\007 has arrived:%s----%s",
-	    cr, name, (int)sizeof(hostname), hostname, cr, cr);
-	jkfprintf(tp, name, offset);
+	if (!folder)
+		(void)fprintf(tp,
+		    "%s\007New mail for %s@%.*s\007 has arrived:%s----%s",
+		    cr, name, (int)sizeof(hostname), hostname, cr, cr);
+	else
+		(void)fprintf(tp,
+	"%s\007New mail for %s@%.*s\007 has arrived:%sFolder: %s%s----%s",
+		    cr, name, (int)sizeof(hostname), hostname, cr, folder,
+		    cr, cr);
+	jkfprintf(tp, name, offset, folder);
 	(void)fclose(tp);
 	_exit(0);
 }
 
 void
-jkfprintf(tp, name, offset)
+jkfprintf(tp, name, offset, folder)
 	FILE *tp;
 	char name[];
 	off_t offset;
+	char *folder;
 {
 	FILE *fi;
 	int linecnt, charcnt, inheader;
 	char line[BUFSIZ], visline[BUFSIZ*4];
+	struct stat st;
 
-	if ((fi = fopen(name, "r")) == NULL)
+	fi = NULL;
+	if (folder != NULL && (fi = fopen(folder, "r")) == NULL)
+		return;
+	if (fi == NULL && (fi = fopen(name, "r")) == NULL)
+		return;
+	if (fstat(fileno(fi), &st) == -1 || getuid() != st.st_uid)
 		return;
 
 	(void)fseek(fi, offset, SEEK_SET);
--- comsat.8-orig	Tue Mar 23 07:12:15 1999
+++ comsat.8	Tue Jul 13 12:46:54 1999
@@ -56,7 +56,7 @@
 .Xr inetd 8 ) .
 The one line messages are of the form:
 .Pp
-.Dl user@mailbox-offset
+.Dl user@mailbox-offset[:/path/to/folder]
 .Pp
 If the
 .Em user
@@ -75,6 +75,13 @@
 or
 .Dq Subject
 lines are not included in the displayed message.
+.Pp
+The default
+file that
+.Nm
+searches is the user's system mailbox.  This
+can be overridden by specifying the folder to which new mail
+has been added in the udp message as indicated above.
 .Sh OPTIONS
 The
 .Nm
@@ -107,7 +114,8 @@
 does not mess up the screen.
 .Pp
 .Nm
-runs as root so that it can open the users maildrop.
+runs as root so that it can setuid to the user in order to open the user's
+maildrop.
 .Sh HISTORY
 The
 .Nm
>Audit-Trail:
>Unformatted: