From 30ac0cb6ccf032c44c08beda24a3d23472cb4f1a Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Fri, 18 Oct 1996 15:46:18 +0000
Subject: Use seteuid(2) during MDA execution.

svn path=/trunk/; revision=346
---
 driver.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

(limited to 'driver.c')

diff --git a/driver.c b/driver.c
index dd815041..dec8e7e8 100644
--- a/driver.c
+++ b/driver.c
@@ -652,8 +652,25 @@ struct method *proto;		/* protocol method table */
 
 		/* open the delivery pipe now if we're using an MDA */
 		if (queryctl->mda[0])
-		    if ((mboxfd = openmailpipe(queryctl)) < 0)
+		{
+#ifdef HAVE_SETEUID
+		    /*
+		     * Arrange to run with user's permissions if we're root.
+		     * This will initialize the ownership of any files the
+		     * MDA creates properly.  (The seteuid call is available
+		     * under all BSDs and Linux)
+		     */
+		    seteuid(queryctl->uid);
+#endif /* HAVE_SETEUID */
+		    mboxfd = openmailpipe(queryctl);
+#ifdef HAVE_SETEUID
+		    /* this will fail quietly if we didn't start as root */
+		    seteuid(0);
+#endif /* HAVE_SETEUID */
+
+		    if (mboxfd < 0)
 			goto cleanUp;
+		}
 
 		/* read the message and ship it to the output sink */
 		ok = gen_readmsg(socket, mboxfd,
-- 
cgit v1.2.3