From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Wed, 7 Feb 2018 14:00:46 +0000 (+0200)
Subject: lib: restrict_access_by_env() - Preserve RESTRICT_SETEXTRAGROUPS if root isn't dropped
X-Git-Tag: 2.3.1~107
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=12896fac942c450d2367149ec02fa75e757a1969;p=thirdparty%2Fdovecot%2Fcore.git

lib: restrict_access_by_env() - Preserve RESTRICT_SETEXTRAGROUPS if root isn't dropped

This way service { extra_groups } is preserved for the whole duration of the
process lifetime (e.g. lmtp, doveadm)
---

diff --git a/src/lib/restrict-access.c b/src/lib/restrict-access.c
index 36f6bca98a..1d5ed5c39c 100644
--- a/src/lib/restrict-access.c
+++ b/src/lib/restrict-access.c
@@ -467,7 +467,14 @@ void restrict_access_by_env(enum restrict_access_flags flags, const char *home)
 	}
 	env_remove("RESTRICT_GID_FIRST");
 	env_remove("RESTRICT_GID_LAST");
-	env_remove("RESTRICT_SETEXTRAGROUPS");
+	if (getuid() != 0)
+		env_remove("RESTRICT_SETEXTRAGROUPS");
+	else {
+		/* Preserve RESTRICT_SETEXTRAGROUPS, so if we're again dropping
+		   more privileges we'll still preserve the extra groups. This
+		   mainly means preserving service { extra_groups } for lmtp
+		   and doveadm accesses. */
+	}
 	env_remove("RESTRICT_USER");
 	env_remove("RESTRICT_CHROOT");
 }