dovecot-1.0: mail_privileged_group didn't work with systems wher...

dovecot at dovecot.org dovecot at dovecot.org
Sun Mar 9 10:35:13 EET 2008


details:   http://hg.dovecot.org/dovecot-1.0/rev/647633551555
changeset: 5535:647633551555
user:      Timo Sirainen <tss at iki.fi>
date:      Sun Mar 09 10:31:31 2008 +0200
description:
mail_privileged_group didn't work with systems where setresgid() wasn't
supported (e.g. OSX, Solaris)

diffstat:

1 file changed, 10 insertions(+), 9 deletions(-)
src/lib/restrict-access.c |   19 ++++++++++---------

diffs (32 lines):

diff -r 3dd130ce8e29 -r 647633551555 src/lib/restrict-access.c
--- a/src/lib/restrict-access.c	Sat Mar 08 05:47:59 2008 +0200
+++ b/src/lib/restrict-access.c	Sun Mar 09 10:31:31 2008 +0200
@@ -78,18 +78,19 @@ static void restrict_init_groups(gid_t p
 			dec2str(privileged_gid), dec2str(geteuid()));
 	}
 #else
-	/* real: primary_gid
-	   effective: privileged_gid
-	   saved: privileged_gid */
-	if (setregid(primary_gid, privileged_gid) != 0) {
+	if (geteuid() == 0) {
+		/* real, effective, saved -> privileged_gid */
+		if (setgid(privileged_gid) < 0) {
+			i_fatal("setgid(%s) failed: %m",
+				dec2str(privileged_gid));
+		}
+	}
+	/* real, effective -> primary_gid
+	   saved -> keep */
+	if (setregid(primary_gid, primary_gid) != 0) {
 		i_fatal("setregid(%s,%s) failed with euid=%s: %m",
 			dec2str(primary_gid), dec2str(privileged_gid),
 			dec2str(geteuid()));
-	}
-	/* effective: privileged_gid -> primary_gid */
-	if (setegid(privileged_gid) != 0) {
-		i_fatal("setegid(%s) failed with euid=%s: %m",
-			dec2str(privileged_gid), dec2str(geteuid()));
 	}
 #endif
 }


More information about the dovecot-cvs mailing list