diff options
| author | Tony Finch <dot@dot.at> | 2006-05-22 18:42:34 +0000 |
|---|---|---|
| committer | Tony Finch <dot@dot.at> | 2006-05-22 18:42:34 +0000 |
| commit | 805e5aabc6e28e536153862bcef7268f84108fd7 (patch) | |
| tree | 7cc5110c49bc126cad329096bdf5728566a33c86 | |
| parent | 2b965a652edced91a1af8bb36a33d493f721db7d (diff) | |
Call initgroups() when dropping privilege, in order that Exim runs with
consistent privilege.
| -rw-r--r-- | doc/doc-txt/ChangeLog | 4 | ||||
| -rw-r--r-- | src/src/exim.c | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 0a8f13749..4e8657a1f 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.352 2006/05/22 17:43:10 fanf2 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.353 2006/05/22 18:44:24 fanf2 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -20,6 +20,8 @@ SC/03 Collect data on the number of addresses (recipients) as well TF/01 Correct an error in the documentation for the redirect router. Exim does (usually) call initgroups() when daemonizing. +TF/02 Call initgroups() when dropping privilege in exim.c, so that Exim runs with + consistent privilege compared to when running as a daemon. Exim version 4.62 ----------------- diff --git a/src/src/exim.c b/src/src/exim.c index 9384cc192..41016ad3e 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/exim.c,v 1.38 2006/03/16 12:25:24 ph10 Exp $ */ +/* $Cambridge: exim/src/src/exim.c,v 1.39 2006/05/22 18:42:34 fanf2 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -3597,7 +3597,9 @@ root privilege above as a result of -C, -D, -be, -bf or -bF, remove it now except when starting the daemon or doing some kind of delivery or address testing (-bt). These are the only cases when root need to be retained. We run as exim for -bv and -bh. However, if deliver_drop_privilege is set, root is -retained only for starting the daemon. */ +retained only for starting the daemon. We always do the initgroups() in this +situation (controlled by the TRUE below), in order to be as close as possible +to the state Exim usually runs in. */ if (!unprivileged && /* originally had root AND */ !removed_privilege && /* still got root AND */ @@ -3613,7 +3615,7 @@ if (!unprivileged && /* originally had root AND */ ) )) { - exim_setugid(exim_uid, exim_gid, FALSE, US"privilege not needed"); + exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed"); } /* When we are retaining a privileged uid, we still change to the exim gid. */ |