lib-storage: Ignore MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP if service user isn...

diff --git a/src/lib-storage/mail-storage-service.c b/src/lib-storage/mail-storage-service.c
index d1bab08126998cd5d8ee7bbdbc3915a6a9a93d0c..511b76ba70f7faa023156f9d605d024c071e1f7f 100644 (file)
--- a/src/lib-storage/mail-storage-service.c
+++ b/src/lib-storage/mail-storage-service.c
@@ -748,6 +748,13 @@ mail_storage_service_init(struct master_service *service,
                        PACKAGE_VERSION, version);
        }
 
+       if ((flags & MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP) != 0 &&
+           geteuid() != 0) {
+               /* service { user } isn't root. the permission drop can't be
+                  temporary. */
+               flags &= ~MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP;
+       }
+
        (void)umask(0077);
        io_loop_set_time_moved_callback(current_ioloop,
                                        mail_storage_service_time_moved);