Mercurial > dovecot > original-hg > dovecot-1.2
changeset 9453:ead94beba32a HEAD
deliver: Fixed binary setuid-checking.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 27 Oct 2009 13:11:31 -0400 |
parents | abbb153d4643 |
children | 04d841ecb5bf |
files | src/deliver/deliver.c |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/deliver/deliver.c Tue Oct 27 00:21:53 2009 -0400 +++ b/src/deliver/deliver.c Tue Oct 27 13:11:31 2009 -0400 @@ -920,7 +920,7 @@ fprintf(stderr, "stat(%s) failed: %s\n", argv[0], strerror(errno)); return EX_TEMPFAIL; - } else if ((st.st_mode & 1) != 0) { + } else if ((st.st_mode & 1) != 0 && (st.st_mode & 04000) != 0) { fprintf(stderr, "%s must not be both world-executable " "and setuid-root. This allows root exploits. " "See http://wiki.dovecot.org/LDA#multipleuids\n",