[Dovecot] deliver setgid issues
Timothy White
weirdit at gmail.com
Mon Jun 12 16:31:06 EEST 2006
Timo, any ideas on this one for the next release? I feel a little
scared running it like this, even though it's only the deliver binary
that was linked against the changed libraries...
Tim
On 6/9/06, Timothy White <dovecot.user at weirdo.bur.st> wrote:
> > Is this the issue? Or is there another solution?
>
> Ok, a temporary solution was to comment out a few lines of code in
> dovecot/src/lib/restrict-access.c
>
> Lines 143-146 (beta8) (the first part of the "if (env == NULL) {" block
>
> /* groups - the getgid() checks are just so we don't fail if we're
> not running as root and try to just use our own GID. Do this
> before chrooting so initgroups() actually works. */
> env = getenv("RESTRICT_SETGID");
> gid = env == NULL ? 0 : (gid_t)strtoul(env, NULL, 10);
> if (gid != 0 && (gid != getgid() || gid != getegid())) {
> if (setgid(gid) != 0)
> i_fatal("setgid(%s) failed: %m", dec2str(gid));
>
> env = getenv("RESTRICT_USER");
> if (env == NULL) {
> /* user not known, use only this one group */
> if (setgroups(1, &gid) < 0) {
> i_fatal("setgroups(%s) failed: %m",
> dec2str(gid));
> }
> } else {
> ...
>
> I know this isn't desirable, but it works.
>
> Any suggestions Timo as to other methods fixes?
>
> Thanks
>
> Tim
> --
> Linux Counter user #273956
>
--
Linux Counter user #273956
More information about the dovecot
mailing list