Drop root privileges before loading plugins, rather than after. This reduces

root exposure, and avoids (e.g.) files being created as root which then won't
be writable by the normal qpsmtpd user.


git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@584 958fd67b-6ff1-0310-b445-bb7760255be9

qpsmtpd-forkserver

@@ -129,7 +129,6 @@ if ($PID_FILE) {
 
 # Load plugins here
 my $qpsmtpd = Qpsmtpd::TcpServer->new();
-$qpsmtpd->load_plugins;
 
 # Drop privileges
 my (undef, undef, $quid, $qgid) = getpwnam $USER or
@@ -138,7 +137,6 @@ my $groups = "$qgid $qgid";
 while (my ($name,$passwd,$gid,$members) = getgrent()) {
     my @m = split(/ /, $members);
     if (grep {$_ eq $USER} @m) {
-	::log(LOGINFO,"$USER is member of group $name($gid)");
 	$groups .= " $gid";
     }
 }
@@ -149,6 +147,8 @@ POSIX::setuid($quid) or
       die "unable to change uid: $!\n";
 $> = $quid;
 
+$qpsmtpd->load_plugins;
+
 ::log(LOGINFO,"Listening on port $PORT");
 ::log(LOGINFO, 'Running as user '.
 	(getpwuid($>) || $>) .