From: Tony Finch Date: Mon, 22 May 2006 18:42:34 +0000 (+0000) Subject: Call initgroups() when dropping privilege, in order that Exim runs with X-Git-Tag: exim-4_63~46 X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=805e5aabc6e28e536153862bcef7268f84108fd7;p=exim.git Call initgroups() when dropping privilege, in order that Exim runs with consistent privilege. --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 0a8f13749..4e8657a1f 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.352 2006/05/22 17:43:10 fanf2 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.353 2006/05/22 18:44:24 fanf2 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -20,6 +20,8 @@ SC/03 Collect data on the number of addresses (recipients) as well TF/01 Correct an error in the documentation for the redirect router. Exim does (usually) call initgroups() when daemonizing. +TF/02 Call initgroups() when dropping privilege in exim.c, so that Exim runs with + consistent privilege compared to when running as a daemon. Exim version 4.62 ----------------- diff --git a/src/src/exim.c b/src/src/exim.c index 9384cc192..41016ad3e 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/exim.c,v 1.38 2006/03/16 12:25:24 ph10 Exp $ */ +/* $Cambridge: exim/src/src/exim.c,v 1.39 2006/05/22 18:42:34 fanf2 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * 
@@ -3597,7 +3597,9 @@ root privilege above as a result of -C, -D, -be, -bf or -bF, remove it now except when starting the daemon or doing some kind of delivery or address testing (-bt). These are the only cases when root need to be retained. We run as exim for -bv and -bh. However, if deliver_drop_privilege is set, root is -retained only for starting the daemon. */ +retained only for starting the daemon. We always do the initgroups() in this +situation (controlled by the TRUE below), in order to be as close as possible +to the state Exim usually runs in. */ if (!unprivileged && /* originally had root AND */ !removed_privilege && /* still got root AND */ @@ -3613,7 +3615,7 @@ if (!unprivileged && /* originally had root AND */ ) )) { - exim_setugid(exim_uid, exim_gid, FALSE, US"privilege not needed"); + exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed"); } /* When we are retaining a privileged uid, we still change to the exim gid. */
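Review bot: in the doc/doc-txt/ChangeLog hunk, the TF/02 entry says only "when dropping privilege in exim.c" and does not name the invocations it affects. The comment touched in src/src/exim.c describes them: root held as a result of -C, -D, -be, -bf or -bF is removed, except when starting the daemon or doing delivery or address testing (-bt). Since the change alters the group list the process runs with in those cases, naming the options in the entry would let an administrator tell from the ChangeLog alone whether their usage is affected.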
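Review bot: the comment added at @@ -3597 in src/src/exim.c explains the behaviour by pointing at "the TRUE below", a positional boolean that sits in a separate hunk some twenty lines further down, so the link is easy to lose in a later edit. A short comment on the argument itself at the exim_setugid() call, saying that it requests initgroups(), would keep the explanation next to the value it describes. The rationale "as close as possible to the state Exim usually runs in" could also say explicitly that the state in question is the supplementary group list of the exim user.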
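Review bot: in the src/src/exim.c hunk at @@ -3613, the changed call exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed") is a bare statement, so nothing at this call site reacts if the newly requested initgroups() step fails. Please confirm that exim_setugid() treats a failed initgroups() as fatal before it changes uid, so this path cannot continue under exim_uid with a group list other than the exim user's. The trailing context line "When we are retaining a privileged uid, we still change to the exim gid" covers the other branch, and the patch does not show whether the supplementary groups are handled there; it is worth stating in the comment whether leaving that branch unchanged is intentional.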