changeset 5789:4f22660ffd33 HEAD
Move POSIX capabilities dropping into separate function.
author | Andrey Panin <pazke@donpac.ru> |
---|---|
date | Wed, 20 Jun 2007 14:08:27 +0400 |
parents | bdb16967be64 |
children | e1347a122140 |
files | src/master/Makefile.am src/master/capabilities-posix.c src/master/capabilities.h src/master/main.c |
diffstat | 4 files changed, 48 insertions(+), 26 deletions(-) [+] |
--- a/src/master/Makefile.am Sun Jun 10 12:58:06 2007 +0400
+++ b/src/master/Makefile.am Wed Jun 20 14:08:27 2007 +0400
@@ -21,6 +21,7 @@
 dovecot_SOURCES = \
 auth-process.c \
 askpass.c \
+ capabilities-posix.c \
 dict-process.c \
 log.c \
 login-process.c \
@@ -33,6 +34,7 @@
 noinst_HEADERS = \
 auth-process.h \
 askpass.h \
+ capabilities.h \
 dict-process.h \
 common.h \
 log.h \
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/master/capabilities-posix.c Wed Jun 20 14:08:27 2007 +0400
@@ -0,0 +1,30 @@
+#include "common.h"
+#include "capabilities.h"
+
+#ifdef HAVE_LIBCAP
+
+#include <sys/capability.h>
+
+void drop_capabilities(void)
+{
+ /* the capabilities that we *need* in order to operate */
+ static cap_value_t suidcaps[] = {
+ CAP_CHOWN,
+ CAP_SYS_CHROOT,
+ CAP_SETUID,
+ CAP_SETGID,
+ CAP_NET_BIND_SERVICE
+ };
+ cap_t caps;
+
+ caps = cap_init();
+ cap_clear(caps);
+ cap_set_flag(caps, CAP_PERMITTED,
+ sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET);
+ cap_set_flag(caps, CAP_EFFECTIVE,
+ sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET);
+ cap_set_proc(caps);
+ cap_free(caps);
+}
+
+#endif
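Review bot: In drop_capabilities() every libcap call has its result discarded, so a NULL from cap_init() or a failing cap_set_proc() leaves the master process running with its full capability set and nothing in the log. This function is the point where the process is narrowed to the five capabilities in suidcaps, so a failure should be reported and, I would argue, abort startup rather than pass silently. The excerpt below checks cap_init(), both cap_set_flag() calls and cap_set_proc(); it assumes i_fatal() and its %m expansion are reachable through common.h, as i_fatal() is at the call site in main.c.

```c
	caps = cap_init();
	if (caps == NULL)
		i_fatal("cap_init() failed: %m");
	/* … unchanged: cap_clear(caps) … */
	if (cap_set_flag(caps, CAP_PERMITTED,
			 sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET) < 0 ||
	    cap_set_flag(caps, CAP_EFFECTIVE,
			 sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET) < 0)
		i_fatal("cap_set_flag() failed: %m");
	if (cap_set_proc(caps) < 0)
		i_fatal("cap_set_proc() failed: %m");
	/* … unchanged: cap_free(caps) … */
```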
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/master/capabilities.h Wed Jun 20 14:08:27 2007 +0400
@@ -0,0 +1,14 @@
+#ifndef __CAPABILITIES_H__
+#define __CAPABILITIES_H__
+
+#if defined(HAVE_LIBCAP)
+
+void drop_capabilities(void);
+
+#else
+
+static inline void drop_capabilities(void) {}
+
+#endif
+
+#endif /* __CAPABILITIES_H__ */
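Review bot: The header gives no hint that the `#else` branch turns drop_capabilities() into an empty function, so a build without HAVE_LIBCAP keeps every capability while the unconditional call in main.c still reads as if privileges were reduced. I would document that above the declaration, for example `/* Drop all capabilities except the few the master process needs. Built without libcap this is a no-op and nothing is dropped. */`. That keeps the fail-open case visible to whoever audits the startup path.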
--- a/src/master/main.c Sun Jun 10 12:58:06 2007 +0400 +++ b/src/master/main.c Wed Jun 20 14:08:27 2007 +0400 @@ -10,6 +10,7 @@ #include "askpass.h" #include "auth-process.h" +#include "capabilities.h" #include "dict-process.h" #include "login-process.h" #include "mail-process.h" @@ -24,9 +25,6 @@ #include <syslog.h> #include <sys/stat.h> #include <sys/wait.h> -#ifdef HAVE_LIBCAP -#include <sys/capability.h> -#endif const char *process_names[PROCESS_TYPE_MAX] = { "unknown", @@ -39,18 +37,6 @@ "dict" }; -/* the capabilities that we *need* in order to operate */ -#ifdef HAVE_LIBCAP -cap_t caps; -cap_value_t suidcaps[] = { - CAP_CHOWN, - CAP_SYS_CHROOT, - CAP_SETUID, - CAP_SETGID, - CAP_NET_BIND_SERVICE -}; -#endif - static const char *configfile = SYSCONFDIR "/" PACKAGE ".conf"; static const char *env_tz; @@ -607,17 +593,7 @@ i_fatal("This is Dovecot's fatal log"); } -#ifdef HAVE_LIBCAP - /* drop capabilities that we don't need, be very restrictive. */ - caps = cap_init(); - cap_clear(caps); - cap_set_flag(caps, CAP_PERMITTED, - sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET); - cap_set_flag(caps, CAP_EFFECTIVE, - sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET); - cap_set_proc(caps); - cap_free(caps); -#endif + drop_capabilities(); lib_signals_init(); lib_signals_set_handler(SIGINT, TRUE, sig_die, NULL);