X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Freadconf.c;h=0b78958e4f0e6222bca6c3dea52bc851f0a8b231;hb=33191679e1a86ba6d9c38a74d0795d00c300f2c5;hp=954d546a4c6bbfef66141143601b82a4c49bae92;hpb=a053d12591b8ef90116feba27d290408a044f813;p=user%2Fhenk%2Fcode%2Fexim.git

diff --git a/src/src/readconf.c b/src/src/readconf.c
index 954d546a4..0b78958e4 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -2874,22 +2874,21 @@ else
       "configuration file %s", filename));
   }
 
-/* Check the status of the file we have opened, unless it was specified on
-the command line, in which case privilege was given away at the start. */
+/* Check the status of the file we have opened, if we have retained root
+privileges and the file isn't /dev/null (which *should* be 0666). */
 
-if (!config_changed)
+if (trusted_config && Ustrcmp(filename, US"/dev/null"))
   {
   if (fstat(fileno(config_file), &statbuf) != 0)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
       big_buffer);
 
-  if ((statbuf.st_uid != root_uid &&             /* owner not root */
-       statbuf.st_uid != exim_uid                /* owner not exim */
+  if ((statbuf.st_uid != root_uid                /* owner not root */
        #ifdef CONFIGURE_OWNER
        && statbuf.st_uid != config_uid           /* owner not the special one */
        #endif
          ) ||                                    /* or */
-      (statbuf.st_gid != exim_gid                /* group not exim & */
+      (statbuf.st_gid != root_gid                /* group not root & */
        #ifdef CONFIGURE_GROUP
        && statbuf.st_gid != config_gid           /* group not the special one */
        #endif