Don't allow a configure file which is writeable by the Exim user or group

[exim.git] / src / src / readconf.c

diff --git a/src/src/readconf.c b/src/src/readconf.c
index 33f10690b8670da900c0e65fd32d000db5f80063..08030583409e77ffeedbd66ffd6a718e41b3d4c2 100644 (file)
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/readconf.c,v 1.44 2010/06/12 15:21:26 jetmore Exp $ */
+/* $Cambridge: exim/src/src/readconf.c,v 1.45 2010/06/12 17:56:32 jetmore Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -2883,13 +2883,12 @@ if (!config_changed)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
       big_buffer);
 
-  if ((statbuf.st_uid != root_uid &&             /* owner not root */
-       statbuf.st_uid != exim_uid                /* owner not exim */
+  if ((statbuf.st_uid != root_uid                /* owner not root */
        #ifdef CONFIGURE_OWNER
        && statbuf.st_uid != config_uid           /* owner not the special one */
        #endif
          ) ||                                    /* or */
-      (statbuf.st_gid != exim_gid                /* group not exim & */
+      (statbuf.st_gid != root_gid                /* group not root & */
        #ifdef CONFIGURE_GROUP
        && statbuf.st_gid != config_gid           /* group not the special one */
        #endif
@@ -3207,12 +3206,12 @@ if (openssl_options != NULL)
   {
 # ifdef USE_GNUTLS
   log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
-    "openssl_options is set but we're using GnuTLS\n");
+    "openssl_options is set but we're using GnuTLS");
 # else
   long dummy;
   if (!(tls_openssl_options_parse(openssl_options, &dummy)))
     log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
-      "openssl_options parse error: %s\n", openssl_options);
+      "openssl_options parse error: %s", openssl_options);
 # endif
   }
 #endif