From 6cb8b61efe8899ee9194563108d0ae90c1eb89e3 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Mon, 5 Aug 2024 13:43:56 -0500 Subject: [PATCH] calendar: don't setlogin(2) in the -a user handlers As of e67975d331 ("Fix 'calendar -a' in several ways."), `calendar -a` will now fork off a new process for each user and do all of its own processing in the user's own context. As a side-effect, calendar(1) started calling setlogin(2) in each of the forked processes and inadvertently hijacked the login name for the session it was running under, which was typically not a fresh session but rather that of whatever cron/periodic run spawned it. Thus, daily and security e-mails started coming from completely arbitrary user. We could create a new session, but it appears that nothing calendar(1) does really needs the login name to be clobbered; opt to just avoid the setlogin(2) call entirely rather than incur the overhead of a new session for each process. PR: 280418 Reviewed by: des, olce Fixes: e67975d331 ("Fix 'calendar -a' in several ways.") Differential Revision: https://reviews.freebsd.org/D46095 --- usr.bin/calendar/calendar.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.bin/calendar/calendar.c b/usr.bin/calendar/calendar.c index 7610ad03475966..ebc8d7f5c35e4b 100644 --- a/usr.bin/calendar/calendar.c +++ b/usr.bin/calendar/calendar.c @@ -211,7 +211,7 @@ main(int argc, char *argv[]) lc = login_getpwclass(pw); if (setusercontext(lc, pw, pw->pw_uid, - LOGIN_SETALL) != 0) + LOGIN_SETALL & ~LOGIN_SETLOGIN) != 0) errx(1, "setusercontext"); setenv("HOME", pw->pw_dir, 1); cal();