From 1d7a353eb367991d8de63c32efa64f8224f3089f Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Sun, 20 May 2012 22:58:18 -0400 Subject: [PATCH] only drop privs for TLS if still root --- src/src/readconf.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/src/readconf.c b/src/src/readconf.c index bddb74c0a..3235d4556 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -2805,8 +2805,10 @@ if ((pid = fork()) < 0) if (pid == 0) { - exim_setugid(exim_uid, exim_gid, FALSE, - US"calling tls_validate_require_cipher"); + /* in some modes, will have dropped privilege already */ + if (!geteuid()) + exim_setugid(exim_uid, exim_gid, FALSE, + US"calling tls_validate_require_cipher"); errmsg = tls_validate_require_cipher(); if (errmsg) -- 2.30.2