dovecot: Preserve DAC_OVERRIDE capability. We may want to open a...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Jun 28 02:13:22 EEST 2007
details: http://hg.dovecot.org/dovecot/rev/c1b32cd98e68
changeset: 5823:c1b32cd98e68
user: root at hurina
date: Thu Jun 28 02:12:19 2007 +0300
description:
Preserve DAC_OVERRIDE capability. We may want to open any config/log files.
diffstat:
1 file changed, 3 insertions(+), 1 deletion(-)
src/master/capabilities-posix.c | 4 +++-
diffs (14 lines):
diff -r 3cb7ddfee63c -r c1b32cd98e68 src/master/capabilities-posix.c
--- a/src/master/capabilities-posix.c Thu Jun 28 01:59:14 2007 +0300
+++ b/src/master/capabilities-posix.c Thu Jun 28 02:12:19 2007 +0300
@@ -13,7 +13,9 @@ void drop_capabilities(void)
CAP_SYS_CHROOT,
CAP_SETUID,
CAP_SETGID,
- CAP_NET_BIND_SERVICE
+ CAP_NET_BIND_SERVICE,
+ /* we may want to open any config/log files */
+ CAP_DAC_OVERRIDE
};
cap_t caps;
More information about the dovecot-cvs
mailing list