dovecot-2.0: lmtp: Set user/group at startup as specified in ser...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.0/rev/70cfc89a3936
changeset: 11282:70cfc89a3936
user:      Timo Sirainen <tss at iki.fi>
date:      Wed May 12 15:23:48 2010 +0200
description:
lmtp: Set user/group at startup as specified in service block.

diffstat:

 src/lmtp/main.c |  17 +++++++++++++++++
 1 files changed, 17 insertions(+), 0 deletions(-)

diffs (34 lines):

diff -r 119d8eebda38 -r 70cfc89a3936 src/lmtp/main.c
--- a/src/lmtp/main.c	Wed May 12 13:16:16 2010 +0200
+++ b/src/lmtp/main.c	Wed May 12 15:23:48 2010 +0200
@@ -33,6 +33,21 @@
 	(void)client_create(conn->fd, conn->fd, conn);
 }
 
+static void drop_privileges(void)
+{
+	struct restrict_access_settings set;
+	const char *error;
+
+	/* by default we don't drop any privileges, but keep running as root. */
+	restrict_access_get_env(&set);
+	if (set.uid != 0) {
+		/* open config connection before dropping privileges */
+		(void)master_service_settings_read_simple(master_service,
+							  NULL, &error);
+	}
+	restrict_access_by_env(NULL, FALSE);
+}
+
 static void main_init(void)
 {
 	struct master_service_connection conn;
@@ -84,6 +99,8 @@
 			return FATAL_DEFAULT;
 		}
 	}
+
+	drop_privileges();
 	master_service_init_finish(master_service);
 	master_service_init_log(master_service,
 				t_strdup_printf("lmtp(%s): ", my_pid));