dovecot-1.1: mail_privileged_group didn't work with systems wher...
dovecot at dovecot.org
dovecot at dovecot.org
Sun Mar 9 10:35:17 EET 2008
details: http://hg.dovecot.org/dovecot-1.1/rev/85934050fdbd
changeset: 7386:85934050fdbd
user: Timo Sirainen <tss at iki.fi>
date: Sun Mar 09 10:31:31 2008 +0200
description:
mail_privileged_group didn't work with systems where setresgid() wasn't
supported (e.g. OSX, Solaris)
diffstat:
1 file changed, 10 insertions(+), 9 deletions(-)
src/lib/restrict-access.c | 19 ++++++++++---------
diffs (32 lines):
diff -r 8e014fd46e84 -r 85934050fdbd src/lib/restrict-access.c
--- a/src/lib/restrict-access.c Sun Mar 09 02:11:19 2008 +0200
+++ b/src/lib/restrict-access.c Sun Mar 09 10:31:31 2008 +0200
@@ -78,18 +78,19 @@ static void restrict_init_groups(gid_t p
dec2str(privileged_gid), dec2str(geteuid()));
}
#else
- /* real: primary_gid
- effective: privileged_gid
- saved: privileged_gid */
- if (setregid(primary_gid, privileged_gid) != 0) {
+ if (geteuid() == 0) {
+ /* real, effective, saved -> privileged_gid */
+ if (setgid(privileged_gid) < 0) {
+ i_fatal("setgid(%s) failed: %m",
+ dec2str(privileged_gid));
+ }
+ }
+ /* real, effective -> primary_gid
+ saved -> keep */
+ if (setregid(primary_gid, primary_gid) != 0) {
i_fatal("setregid(%s,%s) failed with euid=%s: %m",
dec2str(primary_gid), dec2str(privileged_gid),
dec2str(geteuid()));
- }
- /* effective: privileged_gid -> primary_gid */
- if (setegid(privileged_gid) != 0) {
- i_fatal("setegid(%s) failed with euid=%s: %m",
- dec2str(privileged_gid), dec2str(geteuid()));
}
#endif
}
More information about the dovecot-cvs
mailing list