aboutsummaryrefslogtreecommitdiff
path: root/maildrop.c
diff options
context:
space:
mode:
Diffstat (limited to 'maildrop.c')
-rw-r--r--maildrop.c30
1 files changed, 7 insertions, 23 deletions
diff --git a/maildrop.c b/maildrop.c
index edc47b7..4b9055c 100644
--- a/maildrop.c
+++ b/maildrop.c
@@ -47,7 +47,7 @@ static size_t expand(char *, const char *, size_t, struct passwd *);
static struct mdrop m;
-void
+pid_t
maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
int type, const char *path)
{
@@ -60,21 +60,13 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
mode_t old_mask;
int fd, flags, res = -1;
- if (seteuid(pw->pw_uid) < 0)
- fatal("cannot lower privileges");
+ if ((pid = fork()) != 0)
+ return (pid);
- pid = fork();
- if (seteuid(0) < 0)
- fatal("cannot restore privileges");
-
- if (pid < 0)
- fatal("maildrop: fork");
-
- if (pid > 0)
- return;
-
- if (seteuid(pw->pw_uid) < 0)
- fatal("cannot lower privileges");
+ if (setgroups(1, &pw->pw_gid) ||
+ setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+ setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+ fatal("cannot drop privileges");
close(pair[0]);
setproctitle("maildrop");
@@ -100,14 +92,6 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
}
umask(old_mask);
- if (seteuid(0) < 0)
- fatal("cannot restore privileges");
-
- if (setgroups(1, &pw->pw_gid) ||
- setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
- setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
- fatal("cannot drop privileges");
-
event_init();
signal_set(&ev_sigint, SIGINT, sig_handler, NULL);
signal_set(&ev_sigterm, SIGTERM, sig_handler, NULL);
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 01:57:35 +0000