On Thu, May 13, 2004 at 12:45:59AM -0000, Aaron Stone wrote: > To be honest, I haven't read your patch nor have I read the particular parts > of DBMail in question in any detail... so it's entirely possible that you're > seeing an unhandled corner case or a different angle that I'm not aware of at > all. But there *should* be working code that does drop privileges using > setuid/setgid. > > Does your patch call drop_privileges, or your equivalent, in a different > situation than it is currently being called? I'll go back and check the patch > unless you beat me to describing it ;-)
Yeah it calls its own version of dropprivleges atm. It works sufficiently well, and all sockets root is dropped as soon as the socket is created. The misc.c/drop_privleges seems to have trace info if it fails which is probably for the better. They both do identical things, we may as well call it. -- Dan Weber
signature.asc
Description: Digital signature
