dovecot-2.0-sslstream: anvil, config, log, ssl-params: Drop priv...
dovecot at dovecot.org
dovecot at dovecot.org
Sat Feb 13 02:56:23 EET 2010
details: http://hg.dovecot.org/dovecot-2.0-sslstream/rev/4933856b86d7
changeset: 10321:4933856b86d7
user: Timo Sirainen <tss at iki.fi>
date: Thu Nov 12 18:51:08 2009 -0500
description:
anvil, config, log, ssl-params: Drop privileges as configured.
diffstat:
4 files changed, 20 insertions(+), 4 deletions(-)
src/anvil/main.c | 6 +++++-
src/config/main.c | 6 +++++-
src/log/main.c | 6 +++++-
src/ssl-params/main.c | 6 +++++-
diffs (96 lines):
diff -r 506fba223006 -r 4933856b86d7 src/anvil/main.c
--- a/src/anvil/main.c Thu Nov 12 18:37:57 2009 -0500
+++ b/src/anvil/main.c Thu Nov 12 18:51:08 2009 -0500
@@ -3,6 +3,7 @@
#include "common.h"
#include "array.h"
#include "env-util.h"
+#include "restrict-access.h"
#include "master-service.h"
#include "master-interface.h"
#include "connect-limit.h"
@@ -24,8 +25,11 @@ int main(int argc, char *argv[])
master_service = master_service_init("anvil", 0, &argc, &argv, NULL);
if (master_getopt(master_service) > 0)
return FATAL_DEFAULT;
+ master_service_init_log(master_service, "anvil: ");
- master_service_init_log(master_service, "anvil: ");
+ restrict_access_by_env(NULL, FALSE);
+ restrict_access_allow_coredumps(TRUE);
+
master_service_init_finish(master_service);
connect_limit = connect_limit_init();
penalty = penalty_init();
diff -r 506fba223006 -r 4933856b86d7 src/config/main.c
--- a/src/config/main.c Thu Nov 12 18:37:57 2009 -0500
+++ b/src/config/main.c Thu Nov 12 18:51:08 2009 -0500
@@ -3,6 +3,7 @@
#include "lib.h"
#include "array.h"
#include "env-util.h"
+#include "restrict-access.h"
#include "master-service.h"
#include "config-connection.h"
#include "config-parser.h"
@@ -20,8 +21,11 @@ int main(int argc, char *argv[])
master_service = master_service_init("config", 0, &argc, &argv, NULL);
if (master_getopt(master_service) > 0)
return FATAL_DEFAULT;
+ master_service_init_log(master_service, "config: ");
- master_service_init_log(master_service, "config: ");
+ restrict_access_by_env(NULL, FALSE);
+ restrict_access_allow_coredumps(TRUE);
+
master_service_init_finish(master_service);
config_parse_load_modules();
diff -r 506fba223006 -r 4933856b86d7 src/log/main.c
--- a/src/log/main.c Thu Nov 12 18:37:57 2009 -0500
+++ b/src/log/main.c Thu Nov 12 18:51:08 2009 -0500
@@ -2,6 +2,7 @@
#include "common.h"
#include "lib-signals.h"
+#include "restrict-access.h"
#include "master-interface.h"
#include "master-service.h"
#include "master-service-settings.h"
@@ -51,8 +52,11 @@ int main(int argc, char *argv[])
if (master_service_settings_read_simple(master_service,
NULL, &error) < 0)
i_fatal("Error reading configuration: %s", error);
+ master_service_init_log(master_service, "log: ");
- master_service_init_log(master_service, "log: ");
+ restrict_access_by_env(NULL, FALSE);
+ restrict_access_allow_coredumps(TRUE);
+
master_service_init_finish(master_service);
/* logging should never die if there are some clients */
diff -r 506fba223006 -r 4933856b86d7 src/ssl-params/main.c
--- a/src/ssl-params/main.c Thu Nov 12 18:37:57 2009 -0500
+++ b/src/ssl-params/main.c Thu Nov 12 18:51:08 2009 -0500
@@ -4,6 +4,7 @@
#include "lib-signals.h"
#include "array.h"
#include "ostream.h"
+#include "restrict-access.h"
#include "master-service.h"
#include "ssl-params-settings.h"
#include "ssl-params.h"
@@ -122,8 +123,11 @@ int main(int argc, char *argv[])
if (master_getopt(master_service) > 0)
return FATAL_DEFAULT;
+ set = ssl_params_settings_read(master_service);
- set = ssl_params_settings_read(master_service);
+ restrict_access_by_env(NULL, FALSE);
+ restrict_access_allow_coredumps(TRUE);
+
master_service_init_finish(master_service);
#ifndef HAVE_SSL
More information about the dovecot-cvs
mailing list