[Dovecot] Index corruption

Timo Sirainen tss at iki.fi
Mon Oct 18 11:12:36 EEST 2004


On 18.10.2004, at 08:32, Gregory Bond wrote:

> I've had a bit more of a play and I understand it a bit better.  Looks 
> like restrict_access_by_env() is being called in 2 different contexts 
> - once to establish the "dovecot" user , once as root (presumably in 
> the auth daemon).  The call as root fails because the program tries 
> setgid() to prove it can't, but as root this works.

Ah, I see. I didn't realize that root's gid might not be 0.

> -               if (getgid() == 0 || getegid() == 0 || setgid(0) == 0) 
> {
> +               if (getgid() == 0 || getegid() == 0 || (uid != 0 && 
> setgid(0) == 0)) {

Looks good, committing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20041018/af0df789/PGP.pgp


More information about the dovecot mailing list