-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.352 2006/05/22 17:43:10 fanf2 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.353 2006/05/22 18:44:24 fanf2 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
TF/01 Correct an error in the documentation for the redirect router. Exim
does (usually) call initgroups() when daemonizing.
+TF/02 Call initgroups() when dropping privilege in exim.c, so that Exim runs with
+ consistent privilege compared to when running as a daemon.
Exim version 4.62
-----------------
-/* $Cambridge: exim/src/src/exim.c,v 1.38 2006/03/16 12:25:24 ph10 Exp $ */
+/* $Cambridge: exim/src/src/exim.c,v 1.39 2006/05/22 18:42:34 fanf2 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
except when starting the daemon or doing some kind of delivery or address
testing (-bt). These are the only cases when root need to be retained. We run
as exim for -bv and -bh. However, if deliver_drop_privilege is set, root is
-retained only for starting the daemon. */
+retained only for starting the daemon. We always do the initgroups() in this
+situation (controlled by the TRUE below), in order to be as close as possible
+to the state Exim usually runs in. */
if (!unprivileged && /* originally had root AND */
!removed_privilege && /* still got root AND */
)
))
{
- exim_setugid(exim_uid, exim_gid, FALSE, US"privilege not needed");
+ exim_setugid(exim_uid, exim_gid, TRUE, US"privilege not needed");
}
/* When we are retaining a privileged uid, we still change to the exim gid. */
projects / exim.git / commitdiff