Timo, I was surprised to find both an execvp() and a system() call in gdbhelper.c. While gdbhelper should be running as an ordinary user (the person running imap), I find it a bit scary. I realize that the code is getting ready to run gdb, which is god-knows-where in the user's path. But still... Maybe the code should do a getuid() and/or geteuid() and refuse to run if the uid is zero.

Also, the code does the fork() *before* checking the argc count. Maybe do it the other way around so the i_fatal is killing one process instead of two.

Jeff Earickson Colby College