Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/lib/restrict-access.h @ 801:86224ff16bf6 HEAD
Drop root privileges earlier. Close syslog more later in imap-master when
forking new processes, so that any errors get logged. Make sure that all
errors show up in log files - use specific exit status codes if we can't
write to log file. Make sure imap and login processes always drop root
privileges even if master process didn't ask for it for some reason.
putenv() wasn't verified to succeed - luckily we never allowed large user
given data there.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 18 Dec 2002 06:00:01 +0200 |
| parents | 3b1985cbc908 |
| children | ea3f6c93d1a2 |
| rev | line source |
|---|---|
| 0 | 1 #ifndef __RESTRICT_ACCESS_H |
| 2 #define __RESTRICT_ACCESS_H | |
| 3 | |
| 4 /* set environment variables so they can be read with | |
| 5 restrict_access_by_env() */ | |
| 6 void restrict_access_set_env(const char *user, uid_t uid, gid_t gid, | |
| 7 const char *chroot_dir); | |
| 8 | |
|
801
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
9 /* chroot, setuid() and setgid() based on environment variables. |
|
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
10 If disallow_roots is TRUE, we'll kill ourself if we didn't have the |
|
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
11 environment settings and we have root uid or gid. */ |
|
86224ff16bf6
Drop root privileges earlier. Close syslog more later in imap-master when
Timo Sirainen <tss@iki.fi>
parents:
0
diff
changeset
|
12 void restrict_access_by_env(int disallow_root); |
| 0 | 13 |
| 14 #endif |