Mercurial > dovecot > core-2.2

diff src/lda/main.c @ 10205:13b3a3ce892c HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lda: Fixed binary setuid-checking.
author Timo Sirainen <tss@iki.fi>
date Tue, 27 Oct 2009 13:10:54 -0400
parents 85f3282cfe4f
children b470c03b7164
line wrap: on
line diff
--- a/src/lda/main.c	Tue Oct 27 12:16:42 2009 -0400
+++ b/src/lda/main.c	Tue Oct 27 13:10:54 2009 -0400
@@ -274,7 +274,7 @@
 			fprintf(stderr, "stat(%s) failed: %s\n",
 				argv[0], strerror(errno));
 			return EX_TEMPFAIL;
-		} else if ((st.st_mode & 1) != 0) {
+		} else if ((st.st_mode & 1) != 0 && (st.st_mode & 04000) != 0) {
 			fprintf(stderr, "%s must not be both world-executable "
 				"and setuid-root. This allows root exploits. "
 				"See http://wiki.dovecot.org/LDA#multipleuids\n",