git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
CVE-2020-28014, CVE-2021-27216: PID file handling
[exim.git]
/
src
/
src
/
exim.c
diff --git
a/src/src/exim.c
b/src/src/exim.c
index abb3ba7c01a3c5adf11aa4179c8a2ecb10543944..49ba9e728b62f17a3a8bb8a2535935b11d560430 100644
(file)
--- a/
src/src/exim.c
+++ b/
src/src/exim.c
@@
-3256,6
+3256,10
@@
on the second character (the one after '-'), to save some effort. */
-oPX: delete pid file of daemon */
case 'P':
-oPX: delete pid file of daemon */
case 'P':
+ if (!f.running_in_test_harness && real_uid != root_uid && real_uid != exim_uid)
+ exim_fail("exim: only uid=%d or uid=%d can use -oP and -oPX "
+ "(uid=%d euid=%d | %d)\n",
+ root_uid, exim_uid, getuid(), geteuid(), real_uid);
if (!*argrest) override_pid_file_path = argv[++i];
else if (Ustrcmp(argrest, "X") == 0) delete_pid_file();
else badarg = TRUE;
if (!*argrest) override_pid_file_path = argv[++i];
else if (Ustrcmp(argrest, "X") == 0) delete_pid_file();
else badarg = TRUE;