dovecot-1.3: restrict-access: More fixes to root checking.
dovecot at dovecot.org
dovecot at dovecot.org
Fri Apr 10 02:08:15 EEST 2009
details: http://hg.dovecot.org/dovecot-1.3/rev/095837e6c073
changeset: 9052:095837e6c073
user: Timo Sirainen <tss at iki.fi>
date: Thu Apr 09 18:41:13 2009 -0400
description:
restrict-access: More fixes to root checking.
diffstat:
2 files changed, 10 insertions(+), 10 deletions(-)
src/lib/restrict-access.c | 18 +++++++++---------
src/lib/restrict-access.h | 2 +-
diffs (59 lines):
diff -r 1320550c00a2 -r 095837e6c073 src/lib/restrict-access.c
--- a/src/lib/restrict-access.c Thu Apr 09 18:31:53 2009 -0400
+++ b/src/lib/restrict-access.c Thu Apr 09 18:41:13 2009 -0400
@@ -225,7 +225,7 @@ static void fix_groups_list(const struct
}
void restrict_access(const struct restrict_access_settings *set,
- const char *home)
+ const char *home, bool disallow_root)
{
bool is_root, have_root_group, preserve_groups = FALSE;
bool allow_root_gid;
@@ -297,9 +297,14 @@ void restrict_access(const struct restri
}
/* verify that we actually dropped the privileges */
- if (set->uid != (uid_t)-1 && set->uid != 0) {
- if (setuid(0) == 0)
+ if (set->uid != 0 || disallow_root) {
+ if (setuid(0) == 0) {
+ if (disallow_root &&
+ (set->uid == 0 || set->uid == (uid_t)-1))
+ i_fatal("This process must not be run as root");
+
i_fatal("We couldn't drop root privileges");
+ }
}
if (set->first_valid_gid != 0)
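Review bot: The new outer condition `if (set->uid != 0 || disallow_root)` no longer excludes `set->uid == (uid_t)-1`, so the `setuid(0)` probe still runs when disallow_root is FALSE and no uid is configured. If (uid_t)-1 means "leave the uid unchanged", as the removed line's test suggests, a process that legitimately stays root would now die with "We couldn't drop root privileges". Keeping the old exclusion alongside the new flag avoids that: `if ((set->uid != (uid_t)-1 && set->uid != 0) || disallow_root) {`. restrict_access() starts and ends outside this hunk, so the earlier privilege-dropping steps are not visible here.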
@@ -381,16 +386,11 @@ void restrict_access_by_env(const char *
if ((value = getenv("RESTRICT_GID_LAST")) != NULL)
set.last_valid_gid = (gid_t)strtol(value, NULL, 10);
- if (disallow_root) {
- if (set.uid == (uid_t)-1 || set.uid == 0)
- i_fatal("This process must not be run as root");
- }
-
set.extra_groups = null_if_empty(getenv("RESTRICT_SETEXTRAGROUPS"));
set.system_groups_user = null_if_empty(getenv("RESTRICT_USER"));
set.chroot_dir = null_if_empty(getenv("RESTRICT_CHROOT"));
- restrict_access(&set, home);
+ restrict_access(&set, home, disallow_root);
/* clear the environment, so we don't fail if we get back here */
env_remove("RESTRICT_SETUID");
diff -r 1320550c00a2 -r 095837e6c073 src/lib/restrict-access.h
--- a/src/lib/restrict-access.h Thu Apr 09 18:31:53 2009 -0400
+++ b/src/lib/restrict-access.h Thu Apr 09 18:41:13 2009 -0400
@@ -28,7 +28,7 @@ void restrict_access_init(struct restric
/* Restrict access as specified by the settings. If home is not NULL,
it's chdir()ed after chrooting, otherwise it chdirs to / (the chroot). */
void restrict_access(const struct restrict_access_settings *set,
- const char *home);
+ const char *home, bool disallow_root);
/* Set environment variables so they can be read with
restrict_access_by_env(). */
void restrict_access_set_env(const struct restrict_access_settings *set);
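Review bot: The comment above the restrict_access() prototype still describes only `set` and `home`, so the new `disallow_root` parameter is undocumented in the header. Going by the .c hunk, a sentence such as `If disallow_root is TRUE, it's a fatal error if the process can still become root afterwards, even when set->uid is 0 or unset.` would tell callers what the flag enforces. Because the prototype changes, any caller outside the two files in this changeset needs the extra argument; none are visible here.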