Re: [Exim] patch for exim_setugid, igflag

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Philip Hazel
Datum:  
To: fh-exim2003
CC: Exim-users
Betreff: Re: [Exim] patch for exim_setugid, igflag
On Tue, 12 Aug 2003 fh-exim2003@??? wrote:

> to read our pop-before-smtp database
>
>   -rw-rw----   1 popowner      popowner    49152 Aug 11 14:38 qpopper

>
> we had to put the exim pseudo user into the group popowner and
> made the following small patch in src/daemon.c to take effect:
>
> src$ diff daemon.c.orig daemon.c
> 999c999,1007
> < exim_setugid(exim_uid, exim_gid, FALSE, US"running as a daemon");
> ---
> > exim_setugid(exim_uid, exim_gid, TRUE, US"running as a daemon");
>
>
> What do you think about setting igflag=TRUE by default or
> at least setting igflag with a #define?


The original motivation for not doing initgroups everywhere was that in
some operating environments, it was (very) expensive. I'm not sure if
this is actually the case any more, but in any case, the expense is not
relevant for the start up of the daemon.

I can't see any reason for not changing this case. It will have an
effect only if the exim user is put into some other groups, and the
only effect will be to give exim access to files it might not otherwise
have been able to see during the daemon mainline.

So I'll do it.

Philip

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book