From: Thomas Roessler
Date: Tue, 23 Nov 1999 19:17:31 +0000 (+0000)
Subject: Disable core dumps before we ask the user for a pass phrase.
X-Git-Tag: mutt-1-1-2-rel~39
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=35abfd4b2826db9a2ca42d1fc304ba4c47c33f28;p=mutt
Disable core dumps before we ask the user for a pass phrase. Suggested by .
---
diff --git a/acconfig.h b/acconfig.h
index 1264494d..ed84a2be 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -156,3 +156,11 @@
 /* Define to `int' if doesn't define. */
 #undef sig_atomic_t
+/* define when your system has sys/time.h */
+#undef HAVE_SYS_TIME_H
+
+/* define when your system has sys/resource.h */
+#undef HAVE_SYS_RESOURCE_H
+
+/* define when your system has the setrlimit function */
+#undef HAVE_SETRLIMIT
diff --git a/configure.in b/configure.in
index 02671df3..9da68e9e 100644
--- a/configure.in
+++ b/configure.in
@@ -209,6 +209,9 @@ main ()
 AC_HEADER_STDC
 AC_CHECK_HEADERS(stdarg.h sys/ioctl.h sysexits.h)
+AC_CHECK_HEADERS(sys/time.h sys/resource.h)
+
+AC_CHECK_FUNCS(setrlimit)
 AC_TYPE_SIGNAL
diff --git a/doc/PGP-Notes.txt b/doc/PGP-Notes.txt
index a5faa654..bdf79429 100644
--- a/doc/PGP-Notes.txt
+++ b/doc/PGP-Notes.txt
@@ -124,18 +124,6 @@ as well.
-Q: "Isn't there a security problem that mutt leaves the
- passphrase in memory which will be dumped into core
- files upon errors?"
-
-Yes, you may consider this a security problem. To work
-around this, disable core dumps using resource limits. On
-most systems, this will be the following instruction in
-your shell:
-
- ulimit -c 0
-
-
diff --git a/pgp.c b/pgp.c
index f533b9e2..94129f53 100644
--- a/pgp.c
+++ b/pgp.c
@@ -39,6 +39,14 @@
 #include
 #include
+#ifdef HAVE_SYS_RESOURCE_H
+# include
+#endif
+
+#ifdef HAVE_SYS_TIME_H
+# include
+#endif
+
 #ifdef _PGPPATH
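Review bot: In the pgp.c include hunk the block guarded by `HAVE_SYS_RESOURCE_H` comes before the one guarded by `HAVE_SYS_TIME_H`. The header names are missing from this rendering, but if they are sys/resource.h and sys/time.h as the guards suggest, some older systems need sys/time.h first because the resource header uses `struct timeval`. Swapping the two `#ifdef` blocks costs nothing and avoids a build failure that would leave the core-dump protection compiled out. A short comment above them, such as `/* for setrlimit(); sys/time.h must precede sys/resource.h on some systems */`, would record why they are there.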
@@ -51,10 +59,30 @@ void pgp_void_passphrase (void)
 PgpExptime = 0;
 }
+# if defined(HAVE_SETRLIMIT) && (!defined(DEBUG))
+
+static void disable_coredumps (void)
+{
+ struct rlimit rl = {0, 0};
+ static short done = 0;
+
+ if (!done)
+ {
+ setrlimit (RLIMIT_CORE, &rl);
+ done = 1;
+ }
+}
+
+# endif /* HAVE_SETRLIMIT */
+
 int pgp_valid_passphrase (void)
 {
 time_t now = time (NULL);
+# if defined(HAVE_SETRLIMIT) && (!defined(DEBUG))
+ disable_coredumps ();
+# endif
+
 if (now < PgpExptime) return 1; /* just use the cached copy. */
 pgp_void_passphrase ();
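Review bot: disable_coredumps() discards the result of `setrlimit (RLIMIT_CORE, &rl)` and sets `done = 1` regardless, so a failed call leaves core dumps enabled, is never retried, and the passphrase prompt goes ahead with no indication. Setting the flag only on success, `if (setrlimit (RLIMIT_CORE, &rl) == 0) done = 1;`, keeps the retry, and reporting the failure would let the user know the protection is not in place. The same commit deletes the `ulimit -c 0` advice from doc/PGP-Notes.txt, yet builds with `DEBUG` defined or without `HAVE_SETRLIMIT` compile the call out entirely and still leave the passphrase dumpable. Keeping a shortened note for those builds would help, as would a comment on the `#if` such as `/* core dumps stay enabled in DEBUG builds on purpose */`. The body of pgp_valid_passphrase continues past the end of this hunk.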