dovecot-1.2: deliver: Fixed binary setuid-checking.
dovecot at dovecot.org
Tue Oct 27 19:11:35 EET 2009
details: http://hg.dovecot.org/dovecot-1.2/rev/ead94beba32a
changeset: 9453:ead94beba32a
user: Timo Sirainen <tss at iki.fi>
date: Tue Oct 27 13:11:31 2009 -0400
description:
deliver: Fixed binary setuid-checking.
diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
src/deliver/deliver.c | 2 +-
diffs (12 lines):
diff -r abbb153d4643 -r ead94beba32a src/deliver/deliver.c
--- a/src/deliver/deliver.c Tue Oct 27 00:21:53 2009 -0400
+++ b/src/deliver/deliver.c Tue Oct 27 13:11:31 2009 -0400
@@ -920,7 +920,7 @@ int main(int argc, char *argv[])
fprintf(stderr, "stat(%s) failed: %s\n",
argv[0], strerror(errno));
return EX_TEMPFAIL;
- } else if ((st.st_mode & 1) != 0) {
+ } else if ((st.st_mode & 1) != 0 && (st.st_mode & 04000) != 0) {
fprintf(stderr, "%s must not be both world-executable "
"and setuid-root. This allows root exploits. "
"See http://wiki.dovecot.org/LDA#multipleuids\n",