lib: Flip drop_setuid_root in restrict_access_settings

dovecot · Feb 19, 2018 · aeddc84 · aeddc84
1 parent f7d2099
commit aeddc84
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 4 deletions.
diff --git a/src/lib-storage/mail-storage-service.c b/src/lib-storage/mail-storage-service.c
@@ -568,6 +568,7 @@ service_drop_privileges(struct mail_storage_service_user *user,
 	current_euid = geteuid();
 	restrict_access_init(&rset);
 	restrict_access_get_env(&rset);
+	rset.allow_setuid_root = keep_setuid_root;
 	if (priv->uid != (uid_t)-1) {
 		rset.uid = priv->uid;
 		rset.uid_source = priv->uid_source;

diff --git a/src/lib/restrict-access.c b/src/lib/restrict-access.c
@@ -265,7 +265,7 @@ void restrict_access(const struct restrict_access_settings *set,
 	is_root = geteuid() == 0;
 
 	if (!is_root &&
-	    set->drop_setuid_root &&
+	    !set->allow_setuid_root &&
 	    getuid() == 0) {
 		/* recover current effective UID */
 		if (target_uid == (uid_t)-1)

diff --git a/src/lib/restrict-access.h b/src/lib/restrict-access.h
@@ -26,9 +26,10 @@ struct restrict_access_settings {
 	/* Chroot directory */
 	const char *chroot_dir;
 
-	/* Set TRUE to attempt to drop any root privileges
-	   FIXME: Reverse logic on v2.3 */
-	bool drop_setuid_root; 
+	/* Allow running in setuid-root mode, where real UID is root and
+	 * effective UID is non-root. By default the real UID is changed
+	 * to be the same as the effective UID. */
+	bool allow_setuid_root;
 };
 
 /* Initialize settings with values that don't change anything. */