1 files changed, 8 insertions, 23 deletions

diff --git a/maildrop.c b/maildrop.c
index 634fa3f..85aa32a 100644
--- a/maildrop.c
+++ b/maildrop.c
@@ -48,7 +48,7 @@ static size_t expand(char *, const char *, size_t, struct passwd *);
 
 static struct mdrop m;
 
-void
+pid_t
 maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
     int type, const char *path)
 {
@@ -61,21 +61,13 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
 	mode_t			old_mask;
 	int			fd, flags, res = -1;
 
-	if (seteuid(pw->pw_uid) < 0)
-		fatal("cannot lower privileges");
+	if ((pid = fork()) != 0)
+		return (pid);
 
-	pid = fork();
-	if (seteuid(0) < 0)
-		fatal("cannot restore privileges");
-
-	if (pid < 0)
-		fatal("maildrop: fork");
-
-	if (pid > 0)
-		return;
-
-	if (seteuid(pw->pw_uid) < 0)
-		fatal("cannot lower privileges");
+	if (setgroups(1, &pw->pw_gid) ||
+	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+		fatal("cannot drop privileges");
 
 	close(pair[0]);
 	setproctitle("maildrop");
@@ -101,14 +93,6 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
 	}
 
 	umask(old_mask);
-	if (seteuid(0) < 0)
-		fatal("cannot restore privileges");
-
-	if (setgroups(1, &pw->pw_gid) ||
-	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
-	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
-		fatal("cannot drop privileges");
-
 	event_init();
 	signal_set(&ev_sigint, SIGINT, sig_handler, NULL);
 	signal_set(&ev_sigterm, SIGTERM, sig_handler, NULL);
@@ -144,6 +128,7 @@ expand(char *dst, const char *src, size_t dst_sz, struct passwd *pw)
 	size_t	i = 0, r;
 	int	c;
 
+	memset(dst, 0, dst_sz);
 	while ((c = *src++)) {
 		if (i >= dst_sz)
 			break;