From: Timo Sirainen <tss@iki.fi>
Date: Sun, 25 May 2008 12:10:59 +0000 (+0300)
Subject: expire-tool: Fixed changing uid/gid.
X-Git-Tag: 1.1.rc6~24
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fdaf2bbdd5cdae59602e33005cc7acf7d3c88f1a;p=thirdparty%2Fdovecot%2Fcore.git

expire-tool: Fixed changing uid/gid.

--HG--
branch : HEAD
---

diff --git a/src/plugins/expire/auth-client.c b/src/plugins/expire/auth-client.c
index 915a0fbfce..c460795b79 100644
--- a/src/plugins/expire/auth-client.c
+++ b/src/plugins/expire/auth-client.c
@@ -130,20 +130,24 @@ static void auth_parse_input(struct auth_connection *conn, const char *args)
 		return;
 	}
 
+	if (uid != conn->current_uid && conn->current_uid != 0) {
+		if (seteuid(0) != 0)
+			i_fatal("seteuid(0) failed: %m");
+		conn->current_uid = 0;
+	}
+
+	/* change GID */
+	restrict_access_by_env(FALSE);
+
 	/* we'll change only effective UID. This is a bit unfortunate since
 	   it allows reverting back to root, but we'll have to be able to
 	   access different users' mailboxes.. */
 	if (uid != conn->current_uid) {
-		if (conn->current_uid != 0) {
-			if (seteuid(0) != 0)
-				i_fatal("seteuid(0) failed: %m");
-		}
 		if (seteuid(uid) < 0)
 			i_fatal("seteuid(%s) failed: %m", dec2str(uid));
 		conn->current_uid = uid;
 	}
 
-	restrict_access_by_env(FALSE);
 	conn->return_value = 1;
 }