dovecot-2.2: lib-storage: Ignore MAIL_STORAGE_SERVICE_FLAG_TEMP_...
    dovecot at dovecot.org 
    Thu Aug  1 13:31:36 EEST 2013
    
    
  
details:   http://hg.dovecot.org/dovecot-2.2/rev/43488e1044c9
changeset: 16626:43488e1044c9
user:      Timo Sirainen <tss at iki.fi>
date:      Thu Aug 01 13:31:25 2013 +0300
description:
lib-storage: Ignore MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP if service user isn't root.
diffstat:
 src/lib-storage/mail-storage-service.c |  7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)
diffs (17 lines):
diff -r 51b8020b29f6 -r 43488e1044c9 src/lib-storage/mail-storage-service.c
--- a/src/lib-storage/mail-storage-service.c	Tue Jul 30 13:26:40 2013 +0300
+++ b/src/lib-storage/mail-storage-service.c	Thu Aug 01 13:31:25 2013 +0300
@@ -748,6 +748,13 @@
 			PACKAGE_VERSION, version);
 	}
 
+	if ((flags & MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP) != 0 &&
+	    geteuid() != 0) {
+		/* service { user } isn't root. the permission drop can't be
+		   temporary. */
+		flags &= ~MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP;
+	}
+
 	(void)umask(0077);
 	io_loop_set_time_moved_callback(current_ioloop,
 					mail_storage_service_time_moved);
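Review bot: The new `geteuid() != 0` branch clears MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP with no log output, so a caller that asked for a temporary drop ends up with a non-temporary one and nothing records that the request was overridden. Consider emitting a debug-level message inside that branch, and noting at the flag's definition that it is ignored when the process's effective UID is not 0, so callers do not assume privileges can be restored afterwards. The in-code comment states only the conclusion ("the permission drop can't be temporary"); a short clause on why a non-root effective UID rules it out would help the next reader.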
    
    