* Change method of dropping privilleges

author: Vsevolod Stakhov <vsevolod@rambler-co.ru> 2009-03-04 13:58:20 +0300
committer: Vsevolod Stakhov <vsevolod@rambler-co.ru> 2009-03-04 13:58:20 +0300
commit: b4e3c966595fb52ed7aacd8505d184376eaeaebb (patch)
tree: 21de9164eed12a78d93180ac48eddd9fb175caf9 /utils
parent: 8ad17a57629321fb4cf03dd895606549802442d3 (diff)
download: rspamd-b4e3c966595fb52ed7aacd8505d184376eaeaebb.tar.gz
rspamd-b4e3c966595fb52ed7aacd8505d184376eaeaebb.zip
1 files changed, 8 insertions, 4 deletions
diff --git a/utils/redirector.pl.in b/utils/redirector.pl.in
index cb74b0222..da3451580 100755
--- a/utils/redirector.pl.in
+++ b/utils/redirector.pl.in
@@ -50,6 +50,14 @@ my %cfg = (
 
 our $do_reopen_log = 0;
 
+# Drop privilleges
+if ($> == 0) {
+    my $uid = getpwnam($cfg{user}) or die "user $cfg{user} unknown";
+    my $gid = getgrnam($cfg{group}) or die "group $cfg{group} unknown";
+    $< = $uid;
+    $) = $gid;
+}
+
 die "Process is already started, check $cfg{pidfile}" if Proc::PidUtil::is_running($cfg{pidfile});
 
 die "Cannot write to pidfile $cfg{pidfile}" if ! open(PID, "> $cfg{pidfile}");
@@ -60,10 +68,6 @@ $cfg{do_log} = 0 if ! open(LOG, ">> $cfg{logfile}");
 # Do daemonization
 Proc::Daemon::Init if !$cfg{debug};
 
-my $uid = getpwnam($cfg{user}) or die "user $cfg{user} unknown";
-my $gid = getgrnam($cfg{group}) or die "group $cfg{group} unknown";
-setpgrp ($uid, $gid) or die "cannot drop privilleges";
-
 Proc::PidUtil::make_pidfile($cfg{pidfile}, $$) or die "Cannot write pidfile $cfg{pidfile}";
 
 # Init memcached connection
author	Vsevolod Stakhov <vsevolod@rambler-co.ru>	2009-03-04 13:58:20 +0300
committer	Vsevolod Stakhov <vsevolod@rambler-co.ru>	2009-03-04 13:58:20 +0300
commit	b4e3c966595fb52ed7aacd8505d184376eaeaebb (patch)
tree	21de9164eed12a78d93180ac48eddd9fb175caf9 /utils
parent	8ad17a57629321fb4cf03dd895606549802442d3 (diff)
download	rspamd-b4e3c966595fb52ed7aacd8505d184376eaeaebb.tar.gz rspamd-b4e3c966595fb52ed7aacd8505d184376eaeaebb.zip