lib: Flip drop_setuid_root in restrict_access_settings
authorMartti Rannanjärvi <martti.rannanjarvi@dovecot.fi>
Mon, 18 Dec 2017 09:35:27 +0000 (11:35 +0200)
committerTimo Sirainen <timo.sirainen@dovecot.fi>
Mon, 12 Feb 2018 15:00:14 +0000 (17:00 +0200)
src/lib-storage/mail-storage-service.c
src/lib/restrict-access.c
src/lib/restrict-access.h

index f4b73f9f983b7a88da717941b34d96872fad9c3a..1d0467c98a016c653ef87f64eaae2df72e50cf23 100644 (file)
@@ -568,6 +568,7 @@ service_drop_privileges(struct mail_storage_service_user *user,
        current_euid = geteuid();
        restrict_access_init(&rset);
        restrict_access_get_env(&rset);
+       rset.allow_setuid_root = keep_setuid_root;
        if (priv->uid != (uid_t)-1) {
                rset.uid = priv->uid;
                rset.uid_source = priv->uid_source;
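Review bot: The added `rset.allow_setuid_root = keep_setuid_root;` is the point where this caller opts out of the new default of resetting the real UID, and it carries no comment saying why real UID 0 has to be kept. Because it runs after `restrict_access_get_env(&rset)`, it also overrides anything that call may have stored in the field, which looks intended but is worth stating. I would add `/* opt out of restrict_access() resetting the real UID; only when the caller asked to keep setuid-root */` above the assignment. `keep_setuid_root` is declared outside the hunk, so it should be confirmed that its value is under the service's own control and not derived from user-supplied settings.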
index c189ad38086c6eb8725ccf3fba006b7ca78f86bc..72768f184fc709ef5374952e2d2abbd455cf3f32 100644 (file)
@@ -265,7 +265,7 @@ void restrict_access(const struct restrict_access_settings *set,
        is_root = geteuid() == 0;
 
        if (!is_root &&
-           set->drop_setuid_root &&
+           !set->allow_setuid_root &&
            getuid() == 0) {
                /* recover current effective UID */
                if (target_uid == (uid_t)-1)
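Review bot: The test `!set->allow_setuid_root &&` now passes for every caller that leaves the flag zeroed, so this branch has become the default path instead of an opt-in, and nothing at the `if` says which process state it detects. A comment above the `if` such as `/* effective UID is non-root but real UID is still root: drop the real UID too unless explicitly allowed */` would make the three-part condition readable. The branch body continues outside the hunk. Since more callers reach it after this change, its error handling is worth re-checking so that a failure to change the real UID cannot pass silently.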
index 8ca2c9d784269b50e6611a4ad83e3583027c4a20..de26a48ff48251ba1ff9642dd6f472a09ba63c12 100644 (file)
@@ -26,9 +26,10 @@ struct restrict_access_settings {
        /* Chroot directory */
        const char *chroot_dir;
 
-       /* Set TRUE to attempt to drop any root privileges
-          FIXME: Reverse logic on v2.3 */
-       bool drop_setuid_root; 
+       /* Allow running in setuid-root mode, where real UID is root and
+        * effective UID is non-root. By default the real UID is changed
+        * to be the same as the effective UID. */
+       bool allow_setuid_root;
 };
 
 /* Initialize settings with values that don't change anything. */
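Review bot: The context comment on the last line, `/* Initialize settings with values that don't change anything. */`, is no longer accurate if the init function leaves `allow_setuid_root` as FALSE, because restrict_access() will then change the real UID of a process whose real UID is root and effective UID is non-root. I would reword it to `/* Initialize settings with values that don't change anything, except that a root real UID is still dropped (allow_setuid_root = FALSE). */`. The new field comment could also say why the flag is sensitive, for example by appending `A process left with real UID root can switch its effective UID back to root, so set this only where that is required.` The init function itself is outside the hunk, so the zero default is an assumption to confirm.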