Mercurial > dovecot > original-hg > dovecot-1.2
diff src/master/auth-process.c @ 1040:299f59fb9ff4 HEAD
Authentication named socket permissions were insecure, an exploited login
process could have replaced it with it's own and began reading plaintext
passwords sent by other login processes.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 27 Jan 2003 04:42:02 +0200 |
parents | f782b3319553 |
children | a72bba3f8a55 |
line wrap: on
line diff
--- a/src/master/auth-process.c Mon Jan 27 04:05:32 2003 +0200 +++ b/src/master/auth-process.c Mon Jan 27 04:42:02 2003 +0200 @@ -272,7 +272,7 @@ /* create socket for listening auth requests from imap-login */ path = t_strconcat(set_login_dir, "/", config->name, NULL); (void)unlink(path); - (void)umask(0177); /* we want 0600 mode for the socket */ + (void)umask(0117); /* we want 0660 mode for the socket */ listen_fd = net_listen_unix(path); if (listen_fd < 0) @@ -281,7 +281,7 @@ i_assert(listen_fd > 2); /* set correct permissions */ - if (chown(path, set_login_uid, set_login_gid) < 0) { + if (chown(path, geteuid(), set_login_gid) < 0) { i_fatal("login: chown(%s, %s, %s) failed: %m", path, dec2str(set_login_uid), dec2str(set_login_gid)); }