Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/lib/restrict-access.h @ 7091:59ac3628b8d8 HEAD
Build environment using envarr and pass it to execve(). This is faster than
using putenv() directly. restrict_access_*_env() API changed to take
environment array parameter.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 02 Jan 2008 01:36:51 +0200 |
| parents | e4eb71ae8e96 |
| children | e6823d781317 |
| rev | line source |
|---|---|
|
6410
e4eb71ae8e96
Changed .h ifdef/defines to use <NAME>_H format.
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
1 #ifndef RESTRICT_ACCESS_H |
|
e4eb71ae8e96
Changed .h ifdef/defines to use <NAME>_H format.
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
2 #define RESTRICT_ACCESS_H |
| 0 | 3 |
| 4 /* set environment variables so they can be read with | |
| 5 restrict_access_by_env() */ | |
|
7091
59ac3628b8d8
Build environment using envarr and pass it to execve(). This is faster than
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
6 void restrict_access_set_env(ARRAY_TYPE(const_string) *env, |
|
59ac3628b8d8
Build environment using envarr and pass it to execve(). This is faster than
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
7 const char *user, uid_t uid, gid_t gid, |
|
1506
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1271
diff
changeset
|
8 const char *chroot_dir, |
|
2141
8690d2000e33
Added mail_extra_groups setting.
Timo Sirainen <tss@iki.fi>
parents:
1506
diff
changeset
|
9 gid_t first_valid_gid, gid_t last_valid_gid, |
|
8690d2000e33
Added mail_extra_groups setting.
Timo Sirainen <tss@iki.fi>
parents:
1506
diff
changeset
|
10 const char *extra_groups); |
| 0 | 11 |
|
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
12 /* chroot, setuid() and setgid() based on environment variables. |
|
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
13 If disallow_roots is TRUE, we'll kill ourself if we didn't have the |
|
7091
59ac3628b8d8
Build environment using envarr and pass it to execve(). This is faster than
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
14 environment settings and we have root uid or gid. If env=NULL, the real |
|
59ac3628b8d8
Build environment using envarr and pass it to execve(). This is faster than
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
15 environment is used. */ |
|
59ac3628b8d8
Build environment using envarr and pass it to execve(). This is faster than
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
16 void restrict_access_by_env(ARRAY_TYPE(const_string) *env, |
|
59ac3628b8d8
Build environment using envarr and pass it to execve(). This is faster than
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
17 bool disallow_root); |
| 0 | 18 |
| 19 #endif |