From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Wed, 7 Feb 2018 14:00:46 +0000 (+0200)
Subject: lib: restrict_access_by_env() - Preserve RESTRICT_SETEXTRAGROUPS if root isn't dropped
X-Git-Tag: 2.3.9~2331
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c3d001b0dcb288093afd28a3bec20c62b734e863;p=thirdparty%2Fdovecot%2Fcore.git

lib: restrict_access_by_env() - Preserve RESTRICT_SETEXTRAGROUPS if root isn't dropped

This way service { extra_groups } is preserved for the whole duration of the
process lifetime (e.g. lmtp, doveadm)
---

diff --git a/src/lib/restrict-access.c b/src/lib/restrict-access.c
index 76f347dcc9..c189ad3808 100644
--- a/src/lib/restrict-access.c
+++ b/src/lib/restrict-access.c
@@ -466,7 +466,14 @@ void restrict_access_by_env(const char *home, bool disallow_root)
 	}
 	env_remove("RESTRICT_GID_FIRST");
 	env_remove("RESTRICT_GID_LAST");
-	env_remove("RESTRICT_SETEXTRAGROUPS");
+	if (getuid() != 0)
+		env_remove("RESTRICT_SETEXTRAGROUPS");
+	else {
+		/* Preserve RESTRICT_SETEXTRAGROUPS, so if we're again dropping
+		   more privileges we'll still preserve the extra groups. This
+		   mainly means preserving service { extra_groups } for lmtp
+		   and doveadm accesses. */
+	}
 	env_remove("RESTRICT_USER");
 	env_remove("RESTRICT_CHROOT");
 }