From 8b5488dd7787d63056cf724ef3a1058eb4d9d6b1 Mon Sep 17 00:00:00 2001
From: Matt Sergeant <matt@sergeant.org>
Date: Sat, 26 May 2007 23:38:09 +0000
Subject: [PATCH] Fix dropping privileges code to be same as forkserver

git-svn-id: https://svn.perl.org/qpsmtpd/trunk@745 958fd67b-6ff1-0310-b445-bb7760255be9
---
 qpsmtpd-async | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/qpsmtpd-async b/qpsmtpd-async
index f4101e4..361c39a 100755
--- a/qpsmtpd-async
+++ b/qpsmtpd-async
@@ -36,7 +36,8 @@ my $CONFIG_LOCALADDR = '127.0.0.1';
 my $PORT        = 2525;
 my $LOCALADDR   = '0.0.0.0';
 my $PROCS       = 1;
-my $USER        = '';      # user to suid to
+my $USER        = (getpwuid $>)[0];         # user to suid to
+   $USER        = "smtpd" if $USER eq "root";
 my $PAUSED      = 0;
 my $NUMACCEPT   = 20;
 my $ACCEPT_RSET = Danga::Socket->AddTimer(30, \&reset_num_accept);
@@ -76,7 +77,7 @@ GetOptions(
 # detaint the commandline
 if ($PORT =~ /^(\d+)$/) { $PORT = $1 } else { &help }
 if ($LOCALADDR =~ /^([\d\w\-.]+)$/) { $LOCALADDR = $1 } else { &help }
-if ($USER =~ /^([\w\-]+)$/) { $USER = $1 }
+if ($USER =~ /^([\w\-]+)$/) { $USER = $1 } else { &help }
 if ($PROCS =~ /^(\d+)$/) { $PROCS = $1 } else { &help }
 
 sub force_poll {
@@ -192,17 +193,15 @@ sub run_as_server {
     IO::Handle::blocking($CONFIG_SERVER, 0);
     binmode($CONFIG_SERVER, ':raw');
 
-    if ($USER) {
-        # Drop priviledges
-        my (undef, undef, $quid, $qgid) = getpwnam $USER or
-              die "unable to determine uid/gid for $USER\n";
-        $) = "";
-        POSIX::setgid($qgid) or
-              die "unable to change gid: $!\n";
-        POSIX::setuid($quid) or
-              die "unable to change uid: $!\n";
-        $> = $quid;
-    }
+    # Drop priviledges
+    my (undef, undef, $quid, $qgid) = getpwnam $USER or
+          die "unable to determine uid/gid for $USER\n";
+    $) = "";
+    POSIX::setgid($qgid) or
+          die "unable to change gid: $!\n";
+    POSIX::setuid($quid) or
+          die "unable to change uid: $!\n";
+    $> = $quid;
     
     # Load plugins here
     my $plugin_loader = Qpsmtpd::SMTP->new();