Mercurial > dovecot > core-2.2
changeset 13004:1bbb45a97cc1
script-login: Changed default behavior to be to drop privileges.
Also since the default is to run as root, allow that. There is now "-n"
parameter to avoid dropping privileges.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 09 May 2011 19:59:21 +0300 |
parents | 4e99454e2c7c |
children | 56a1b3082b4b |
files | src/util/script-login.c |
diffstat | 1 files changed, 5 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/util/script-login.c Mon May 09 19:28:27 2011 +0300 +++ b/src/util/script-login.c Mon May 09 19:59:21 2011 +0300 @@ -22,7 +22,7 @@ #define SCRIPT_COMM_FD 3 static const char **exec_args; -static bool drop_privileges = FALSE; +static bool drop_privileges = TRUE; static void client_connected(struct master_service_connection *conn) { @@ -120,7 +120,7 @@ mail_storage_service_restrict_setenv(service_ctx, user); if (drop_privileges) - restrict_access_by_env(getenv("HOME"), TRUE); + restrict_access_by_env(getenv("HOME"), FALSE); if (dup2(fd, STDIN_FILENO) < 0) i_fatal("dup2() failed: %m"); @@ -186,11 +186,11 @@ flags |= MASTER_SERVICE_FLAG_STANDALONE; master_service = master_service_init("script-login", flags, - &argc, &argv, "+d"); + &argc, &argv, "+n"); while ((c = master_getopt(master_service)) > 0) { switch (c) { - case 'd': - drop_privileges = TRUE; + case 'n': + drop_privileges = FALSE; break; default: return FATAL_DEFAULT;