Use setpwent()/endpwent() + all the shadow variants to make sure

we don't inadvertantly leak an fd to the child. Apparently Linux's shadow routines leave the fd open even if you don't call setspent(). Reported by mike@gistnet.com; different patch used.
2001-05-10 18:55:12 +00:00
parent 993409b90f
commit 11127e3468
3 changed files with 41 additions and 13 deletions
--- a/logging.c
+++ b/logging.c
@@ -490,6 +490,9 @@ send_mail(line)
 		}
 		argv[i] = NULL;

+		/* Close password file so we don't leak the fd. */
+		endpwent();
+
 		/* Run mailer as root so user cannot kill it. */
 		set_perms(PERM_ROOT, 0);
 		execv(mpath, argv);