Disallow non-root users to start in daemon mode.

Obtained from: Eric Allman <eric@sendmail.org>

1 files changed, 22 insertions, 9 deletions

diff --git a/usr.sbin/sendmail/src/main.c b/usr.sbin/sendmail/src/main.c
index 504fba3..c6b37ea 100644
--- a/usr.sbin/sendmail/src/main.c
+++ b/usr.sbin/sendmail/src/main.c
@@ -513,15 +513,7 @@ main(argc, argv, envp)
 			{
 			  case MD_DAEMON:
 			  case MD_FGDAEMON:
-# ifdef DAEMON
-				if (RealUid != 0)
-				{
-					usrerr("Permission denied");
-					exit(EX_USAGE);
-				}
-				vendor_daemon_setup(CurEnv);
-				/* fall through ... */
-# else
+# ifndef DAEMON
 				usrerr("Daemon mode not implemented");
 				ExitStat = EX_USAGE;
 				break;
@@ -931,6 +923,18 @@ main(argc, argv, envp)
 		/* fall through ... */
 
 	  case MD_DAEMON:
+		/* check for permissions */
+		if (RealUid != 0)
+		{
+#ifdef LOG
+			syslog(LOG_ALERT, "uid %d tried to start daemon mode",
+				RealUid);
+#endif
+			usrerr("Permission denied");
+			exit(EX_USAGE);
+		}
+		vendor_daemon_setup(CurEnv);
+
 		/* remove things that don't make sense in daemon mode */
 		FullName = NULL;
 		GrabTo = FALSE;
@@ -1964,6 +1968,15 @@ sighup()
 		syslog(LOG_INFO, "restarting %s on signal", SaveArgv[0]);
 #endif
 	releasesignal(SIGHUP);
+	if (setuid(RealUid) < 0 || setgid(RealGid) < 0)
+	{
+#ifdef LOG
+		if (LogLevel > 0)
+			syslog(LOG_ALERT, "could not set[ug]id(%d, %d): %m",
+				RealUid, RealGid);
+#endif
+		exit(EX_OSERR);
+	}
 	execv(SaveArgv[0], (ARGV_T) SaveArgv);
 #ifdef LOG
 	if (LogLevel > 0)