tag 248534 patch thanks Here is the patch I wrote for your dbmail-2.0 experimental branch. It can be easily adapted to dbmail-1.2. I reccomend having this loaded after your prefork patch.
-- Dan Weber
#! /bin/sh -e
## 07_drop_privledges.dpatch by <[EMAIL PROTECTED]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
if [ $# -lt 1 ]; then
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
exit 1
fi
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
case "$1" in
-patch) patch -p1 ${patch_opts} < $0;;
-unpatch) patch -R -p1 ${patch_opts} < $0;;
*)
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
exit 1;;
esac
exit 0
@DPATCH@
diff -urNad /usr/src/dbmail-2.0/server.c dbmail-2.0/server.c
--- /usr/src/dbmail-2.0/server.c 2004-05-11 17:13:48.000000000 -0400
+++ dbmail-2.0/server.c 2004-05-11 17:15:28.000000000 -0400
@@ -217,6 +217,9 @@
trace(TRACE_INFO, "CreateSocket(): socket creation complete");
conf->listenSocket = sock;
+ trace(TRACE_INFO, "Dropping root privledges");
+ setresuid(getuid(),getuid(),getuid());
+ setresgid(getgid(),getgid(),getgid());
return 0;
}
signature.asc
Description: Digital signature
