[Dovecot] Dovecot on Linux 2.6.0-test1-ac1
Timo Sirainen
tss at iki.fi
Wed Jul 16 10:35:52 EEST 2003
On Wed, 2003-07-16 at 08:56, Grahame Bowland wrote:
> I can imagine why setuid() should ever fail, I've confirmed that the
> daemon is running as UID zero at the time it makes the call. However,
> the call succeeds if I comment out:
> restrict_process_size((unsigned int)-1, 1);
> on line 134 of src/login-common/main.c it starts to work again.
How about if it was done after setuid()? :) With a few tests it looks
like Linux 2.4 and OpenBSD are happy with that.
diff -u -r1.11 main.c
--- src/login-common/main.c 19 Jun 2003 02:00:25 -0000 1.11
+++ src/login-common/main.c 16 Jul 2003 06:34:39 -0000
@@ -130,9 +130,6 @@
static void drop_privileges(const char *name)
{
- /* make sure we can't fork() */
- restrict_process_size((unsigned int)-1, 1);
-
/* Log file or syslog opening probably requires roots */
open_logfile(name);
@@ -143,6 +140,9 @@
/* Refuse to run as root - we should never need it and it's
dangerous with SSL. */
restrict_access_by_env(TRUE);
+
+ /* make sure we can't fork() */
+ restrict_process_size((unsigned int)-1, 1);
}
static void main_init(void)
More information about the dovecot
mailing list