Mercurial > dovecot > core-2.2

diff src/lmtp/main.c @ 11282:70cfc89a3936 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lmtp: Set user/group at startup as specified in service block.
author Timo Sirainen <tss@iki.fi>
date Wed, 12 May 2010 15:23:48 +0200
parents cc3f6adc1e0b
children b8d3c96e61a7
line wrap: on
line diff
--- a/src/lmtp/main.c	Wed May 12 13:16:16 2010 +0200
+++ b/src/lmtp/main.c	Wed May 12 15:23:48 2010 +0200
@@ -33,6 +33,21 @@
 	(void)client_create(conn->fd, conn->fd, conn);
 }
 
+static void drop_privileges(void)
+{
+	struct restrict_access_settings set;
+	const char *error;
+
+	/* by default we don't drop any privileges, but keep running as root. */
+	restrict_access_get_env(&set);
+	if (set.uid != 0) {
+		/* open config connection before dropping privileges */
+		(void)master_service_settings_read_simple(master_service,
+							  NULL, &error);
+	}
+	restrict_access_by_env(NULL, FALSE);
+}
+
 static void main_init(void)
 {
 	struct master_service_connection conn;
@@ -84,6 +99,8 @@
 			return FATAL_DEFAULT;
 		}
 	}
+
+	drop_privileges();
 	master_service_init_finish(master_service);
 	master_service_init_log(master_service,
 				t_strdup_printf("lmtp(%s): ", my_pid));