dovecot-2.0: Don't allow auth source/destination services to run...

dovecot at dovecot.org dovecot at dovecot.org
Fri May 1 01:01:29 EEST 2009


details:   http://hg.dovecot.org/dovecot-2.0/rev/bfe448b4951f
changeset: 9183:bfe448b4951f
user:      Timo Sirainen <tss at iki.fi>
date:      Thu Apr 30 18:01:10 2009 -0400
description:
Don't allow auth source/destination services to run as root.

diffstat:

1 file changed, 7 insertions(+), 4 deletions(-)
src/master/service-process.c |   11 +++++++----

diffs (33 lines):

diff -r 2f293c844e31 -r bfe448b4951f src/master/service-process.c
--- a/src/master/service-process.c	Thu Apr 30 17:56:47 2009 -0400
+++ b/src/master/service-process.c	Thu Apr 30 18:01:10 2009 -0400
@@ -177,6 +177,7 @@ static void drop_privileges(struct servi
 	struct master_settings *master_set = service->set->master_set;
 	struct restrict_access_settings rset;
 	const char *user, *home = NULL;
+	bool disallow_root;
 
 	restrict_access_init(&rset);
 	rset.uid = service->uid;
@@ -204,15 +205,17 @@ static void drop_privileges(struct servi
 	}
 
 	if (home != NULL) {
-		// FIXME: warn ENOENT if mail_debug=yes
 		if (chdir(home) < 0 && errno != ENOENT)
 			i_error("chdir(%s) failed: %m", home);
 	}
 
-	if (service->set->drop_priv_before_exec)
-		restrict_access(&rset, home, FALSE); //FIXME: disallow_root?
-	else
+	if (service->set->drop_priv_before_exec) {
+		disallow_root = service->type == SERVICE_TYPE_AUTH_SERVER ||
+			service->type == SERVICE_TYPE_AUTH_SOURCE;
+		restrict_access(&rset, home, disallow_root);
+	} else {
 		restrict_access_set_env(&rset);
+	}
 }
 
 static void
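Review bot: The root check added here covers only the `drop_priv_before_exec` branch; the `else` branch still calls `restrict_access_set_env(&rset)` with no `disallow_root` input, so nothing in the visible code refuses root for an auth service that has this setting off. Whether the exec'd binary enforces it after reading the environment cannot be seen from this hunk. If it does, record that at the call with a comment such as `/* disallow_root is not enforced on this path; the exec'd auth binary must refuse to run as root itself */`; if it does not, the restriction is incomplete. A short comment above the `disallow_root` assignment would also help, since the commit message says "source/destination" while the code tests `SERVICE_TYPE_AUTH_SERVER` and `SERVICE_TYPE_AUTH_SOURCE`. The body of `drop_privileges` starts outside this hunk.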

