Mercurial > dovecot > original-hg > dovecot-1.2
diff src/lib/restrict-access.h @ 7341:af998ae4254b HEAD
Replaced mail_extra_groups setting with mail_privileged_group and
mail_access_groups settings. mail_privileged_group allows temporary access
to the group when creating mbox INBOX dotlocks.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 04 Mar 2008 07:54:53 +0200 |
parents | e6823d781317 |
children | c9381a0fdc5e |
line wrap: on
line diff
--- a/src/lib/restrict-access.h Tue Mar 04 07:54:41 2008 +0200 +++ b/src/lib/restrict-access.h Tue Mar 04 07:54:53 2008 +0200 @@ -2,8 +2,10 @@ #define RESTRICT_ACCESS_H /* set environment variables so they can be read with - restrict_access_by_env() */ -void restrict_access_set_env(const char *user, uid_t uid, gid_t gid, + restrict_access_by_env(). If privileged_gid != (gid_t)-1, + the privileged GID can be temporarily enabled/disabled. */ +void restrict_access_set_env(const char *user, uid_t uid, + gid_t gid, gid_t privileged_gid, const char *chroot_dir, gid_t first_valid_gid, gid_t last_valid_gid, const char *extra_groups); @@ -13,4 +15,11 @@ environment settings and we have root uid or gid. */ void restrict_access_by_env(bool disallow_root); +/* If privileged_gid was set, these functions can be used to temporarily + gain access to the group. */ +int restrict_access_use_priv_gid(void); +void restrict_access_drop_priv_gid(void); +/* Returns TRUE if privileged GID exists for this process. */ +bool restrict_access_have_priv_gid(void); + #endif