From: Timo Sirainen Date: Thu, 9 Apr 2009 22:41:13 +0000 (-0400) Subject: restrict-access: More fixes to root checking. X-Git-Tag: 2.0.alpha1~1000 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cdfc424ddf1c85f47d9c9b3a855cfdf1b985569a;p=thirdparty%2Fdovecot%2Fcore.git restrict-access: More fixes to root checking. --HG-- branch : HEAD
---
diff --git a/src/lib/restrict-access.c b/src/lib/restrict-access.c
index d8183bac8c..0246c6630a 100644
--- a/src/lib/restrict-access.c
+++ b/src/lib/restrict-access.c
@@ -225,7 +225,7 @@ static void fix_groups_list(const struct restrict_access_settings *set,
 }
 void restrict_access(const struct restrict_access_settings *set,
- const char *home)
+ const char *home, bool disallow_root)
 {
 bool is_root, have_root_group, preserve_groups = FALSE;
 bool allow_root_gid;
@@ -297,9 +297,14 @@ void restrict_access(const struct restrict_access_settings *set,
 }
 /* verify that we actually dropped the privileges */
- if (set->uid != (uid_t)-1 && set->uid != 0) {
- if (setuid(0) == 0)
+ if (set->uid != 0 || disallow_root) {
+ if (setuid(0) == 0) {
+ if (disallow_root &&
+ (set->uid == 0 || set->uid == (uid_t)-1))
+ i_fatal("This process must not be run as root");
+ i_fatal("We couldn't drop root privileges");
+ }
 }
 if (set->first_valid_gid != 0)
@@ -381,16 +386,11 @@ void restrict_access_by_env(const char *home, bool disallow_root)
 if ((value = getenv("RESTRICT_GID_LAST")) != NULL)
 set.last_valid_gid = (gid_t)strtol(value, NULL, 10);
- if (disallow_root) {
- if (set.uid == (uid_t)-1 || set.uid == 0)
- i_fatal("This process must not be run as root");
- }
-
 set.extra_groups = null_if_empty(getenv("RESTRICT_SETEXTRAGROUPS"));
 set.system_groups_user = null_if_empty(getenv("RESTRICT_USER"));
 set.chroot_dir = null_if_empty(getenv("RESTRICT_CHROOT"));
- restrict_access(&set, home);
+ restrict_access(&set, home, disallow_root);
 /* clear the environment, so we don't fail if we get back here */
 env_remove("RESTRICT_SETUID");
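Review bot: The new outer condition `set->uid != 0 || disallow_root` in the second hunk drops the old `set->uid != (uid_t)-1` exclusion, so a caller that requests no uid change (uid left at `(uid_t)-1`) with disallow_root false now reaches `setuid(0)`; if the process is still root that call succeeds and the function dies with "We couldn't drop root privileges" even though no drop was requested and the old code skipped the check in exactly that case. Keeping the old exclusion while still honouring disallow_root would be `if ((set->uid != (uid_t)-1 && set->uid != 0) || disallow_root) {`. With that guard the inner `disallow_root && (set->uid == 0 || set->uid == (uid_t)-1)` test still selects the "must not be run as root" message for the unset/root case, and the generic message is reached only when a real drop failed. restrict_access's body starts before and ends after this hunk, so whether an earlier setuid() failure is already fatal is not visible here.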
diff --git a/src/lib/restrict-access.h b/src/lib/restrict-access.h
index 0f8210fdcd..7d1ab346e0 100644
--- a/src/lib/restrict-access.h
+++ b/src/lib/restrict-access.h
@@ -28,7 +28,7 @@ void restrict_access_init(struct restrict_access_settings *set);
 /* Restrict access as specified by the settings. If home is not NULL, it's chdir()ed after chrooting, otherwise it chdirs to / (the chroot). */
 void restrict_access(const struct restrict_access_settings *set,
- const char *home);
+ const char *home, bool disallow_root);
 /* Set environment variables so they can be read with restrict_access_by_env(). */
 void restrict_access_set_env(const struct restrict_access_settings *set);
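Review bot: The comment above `restrict_access()` still describes only `home`; the new `disallow_root` parameter is left undocumented in the header that callers read, even though it turns a configuration state into a fatal error. Based on the matching restrict-access.c change, the comment could be extended with `If disallow_root is TRUE, it's a fatal error if the process would still be running as root afterwards (uid 0, or no uid change requested).` That also makes explicit that the check is performed here rather than by restrict_access_by_env(), where the commit removes it.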