diff options
Diffstat (limited to 'maildrop.c')
| -rw-r--r-- | maildrop.c | 30 |
1 files changed, 7 insertions, 23 deletions
@@ -47,7 +47,7 @@ static size_t expand(char *, const char *, size_t, struct passwd *); static struct mdrop m; -void +pid_t maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw, int type, const char *path) { @@ -60,21 +60,13 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw, mode_t old_mask; int fd, flags, res = -1; - if (seteuid(pw->pw_uid) < 0) - fatal("cannot lower privileges"); + if ((pid = fork()) != 0) + return (pid); - pid = fork(); - if (seteuid(0) < 0) - fatal("cannot restore privileges"); - - if (pid < 0) - fatal("maildrop: fork"); - - if (pid > 0) - return; - - if (seteuid(pw->pw_uid) < 0) - fatal("cannot lower privileges"); + if (setgroups(1, &pw->pw_gid) || + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) + fatal("cannot drop privileges"); close(pair[0]); setproctitle("maildrop"); @@ -100,14 +92,6 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw, } umask(old_mask); - if (seteuid(0) < 0) - fatal("cannot restore privileges"); - - if (setgroups(1, &pw->pw_gid) || - setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || - setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) - fatal("cannot drop privileges"); - event_init(); signal_set(&ev_sigint, SIGINT, sig_handler, NULL); signal_set(&ev_sigterm, SIGTERM, sig_handler, NULL); |