diff options
| author | Phil Pennock <pdp@exim.org> | 2012-05-20 22:58:18 -0400 |
|---|---|---|
| committer | Phil Pennock <pdp@exim.org> | 2012-05-20 22:58:18 -0400 |
| commit | 1d7a353eb367991d8de63c32efa64f8224f3089f (patch) | |
| tree | 9f7c19496fd71c78e80d5a0f115ff985bf01a766 | |
| parent | 78e0c7a37f084eee9198cf8585a00e6e2aefeb04 (diff) | |
only drop privs for TLS if still root
| -rw-r--r-- | src/src/readconf.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/src/readconf.c b/src/src/readconf.c index bddb74c0a..3235d4556 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -2805,8 +2805,10 @@ if ((pid = fork()) < 0) if (pid == 0) { - exim_setugid(exim_uid, exim_gid, FALSE, - US"calling tls_validate_require_cipher"); + /* in some modes, will have dropped privilege already */ + if (!geteuid()) + exim_setugid(exim_uid, exim_gid, FALSE, + US"calling tls_validate_require_cipher"); errmsg = tls_validate_require_cipher(); if (errmsg) |