i_fatal("Environment full, can't add: %s", env);
}
+void env_remove(const char *env)
+{
+ extern char **environ;
+ size_t len;
+
+ if (environ == NULL)
+ return;
+
+ len = strlen(env);
+ for (; *environ != NULL; environ++) {
+ if (strncmp(*environ, env, len) == 0 &&
+ (*environ)[len] == '=') {
+ char **p;
+
+ for (p = environ; *p != NULL; p++)
+ p[0] = p[1];
+ }
+ }
+}
+
void env_clean(void)
{
extern char **environ;
/* Add new environment variable. Wrapper to putenv(). Note that calls to this
function allocates memory which isn't free'd until env_clean() is called. */
void env_put(const char *env);
+/* Remove environment variable. */
+void env_remove(const char *env);
/* Clear all environment variables. */
void env_clean(void);
env_put(t_strdup_printf("RESTRICT_SETGID=%s", dec2str(gid)));
}
+void restrict_access_clear_env(void)
+{
+ env_remove("RESTRICT_USER");
+ env_remove("RESTRICT_CHROOT");
+ env_remove("RESTRICT_SETUID");
+ env_remove("RESTRICT_SETGID");
+}
+
void restrict_access_by_env(int disallow_root)
{
const char *env;
void restrict_access_set_env(const char *user, uid_t uid, gid_t gid,
const char *chroot_dir);
+/* clear the environment variables set by restrict_access_set_env() */
+void restrict_access_clear_env(void);
+
/* chroot, setuid() and setgid() based on environment variables.
If disallow_roots is TRUE, we'll kill ourself if we didn't have the
environment settings and we have root uid or gid. */
projects / thirdparty / dovecot / core.git / commitdiff
