--- exim-4.50/src/transport.c~ 2005-02-17 14:49:11.000000000 +0000 +++ exim-4.50/src/transport.c 2005-02-23 16:30:18.000000000 +0000 @@ -1558,7 +1558,7 @@ if ((pid = fork()) == 0) /* Set up the calling arguments; use the standard function for the basics, but we have a number of extras that may be added. */ - argv = child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); + argv = child_exec_exim(CEE_RETURN_ARGV, FALSE, TRUE, &i, FALSE, 0); if (smtp_authenticated) argv[i++] = US"-MCA"; --- exim-4.50/src/child.c~ 2005-02-17 14:49:11.000000000 +0000 +++ exim-4.50/src/child.c 2005-02-23 16:27:54.000000000 +0000 @@ -69,8 +69,8 @@ Returns: if CEE_RETURN_ARGV is g */ uschar ** -child_exec_exim(int exec_type, BOOL kill_v, int *pcount, BOOL minimal, - int acount, ...) +child_exec_exim(int exec_type, BOOL privileged, BOOL kill_v, int *pcount, + BOOL minimal, int acount, ...) { int first_special = -1; int n = 0; @@ -81,7 +81,8 @@ uschar **argv = /* In all case, the list starts out with the path, any macros, and a changed config file. */ -argv[n++] = exim_path; +argv[n++] = privileged?exim_path_privileged:exim_path; + if (clmacro_count > 0) { memcpy(argv + n, clmacros, clmacro_count * sizeof(uschar *)); @@ -204,11 +205,11 @@ if (pid == 0) close(pfd[pipe_write]); if (debug_fd > 0) force_fd(debug_fd, 2); if (bounce_sender_authentication != NULL) - child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 8, + child_exec_exim(CEE_EXEC_EXIT, FALSE, FALSE, NULL, FALSE, 8, US"-t", US"-oem", US"-oi", US"-f", US"<>", US"-oMas", bounce_sender_authentication, message_id_option); else - child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 6, + child_exec_exim(CEE_EXEC_EXIT, FALSE, FALSE, NULL, FALSE, 6, US"-t", US"-oem", US"-oi", US"-f", US"<>", message_id_option); /* Control does not return here. */ } --- exim-4.50/src/globals.h~ 2005-02-22 20:40:26.000000000 +0000 +++ exim-4.50/src/globals.h 2005-02-23 16:18:27.000000000 +0000 @@ -285,6 +285,7 @@ extern int errors_sender_rc; / extern gid_t exim_gid; /* To be used with exim_uid */ extern BOOL exim_gid_set; /* TRUE if exim_gid set */ extern uschar *exim_path; /* Path to exec exim */ +extern uschar *exim_path_privileged; /* Path to exec exim with elevated privileges */ extern uid_t exim_uid; /* Non-root uid for exim */ extern BOOL exim_uid_set; /* TRUE if exim_uid set */ extern int expand_forbid; /* RDO flags for forbidding things */ --- exim-4.50/src/readconf.c~ 2005-02-22 20:40:26.000000000 +0000 +++ exim-4.50/src/readconf.c 2005-02-23 16:26:10.000000000 +0000 @@ -201,6 +201,7 @@ static optionlist optionlist_config[] = { "errors_reply_to", opt_stringptr, &errors_reply_to }, { "exim_group", opt_gid, &exim_gid }, { "exim_path", opt_stringptr, &exim_path }, + { "exim_path_privileged", opt_stringptr, &exim_path_privileged }, { "exim_user", opt_uid, &exim_uid }, { "extra_local_interfaces", opt_stringptr, &extra_local_interfaces }, { "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments }, @@ -2898,6 +2899,11 @@ if (smtp_ratelimit_rcpt != NULL) &smtp_rlr_base, &smtp_rlr_factor, &smtp_rlr_limit); } +/* If exim_path_privileged isn't explicitly set, it's the same as exim_path */ + +if (exim_path_privileged == NULL) + exim_path_privileged = exim_path; + /* The qualify domains default to the primary host name */ if (qualify_domain_sender == NULL) --- exim-4.50/src/globals.c~ 2005-02-22 20:40:26.000000000 +0000 +++ exim-4.50/src/globals.c 2005-02-23 16:25:17.000000000 +0000 @@ -491,6 +491,7 @@ gid_t exim_gid = EXIM_GI BOOL exim_gid_set = TRUE; /* This gid is always set */ uschar *exim_path = US BIN_DIRECTORY "/exim" "\0<---------------Space to patch exim_path->"; +uschar *exim_path_privileged = NULL; uid_t exim_uid = EXIM_UID; BOOL exim_uid_set = TRUE; /* This uid is always set */ int expand_forbid = 0; --- exim-4.50/src/daemon.c~ 2005-02-17 14:49:11.000000000 +0000 +++ exim-4.50/src/daemon.c 2005-02-23 16:28:21.000000000 +0000 @@ -621,7 +621,7 @@ if (pid == 0) if (geteuid() != root_uid && !deliver_drop_privilege) { signal(SIGALRM, SIG_DFL); - (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, FALSE, 2, US"-Mc", + (void)child_exec_exim(CEE_EXEC_PANIC, TRUE, FALSE, NULL, FALSE, 2, US"-Mc", message_id); /* Control does not return here. */ } @@ -1636,7 +1636,7 @@ for (;;) if (queue_run_local) *p++ = 'l'; *p = 0; - (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, TRUE, 1, opt); + (void)child_exec_exim(CEE_EXEC_PANIC, TRUE, FALSE, NULL, TRUE, 1, opt); /* Control never returns here. */ } --- exim-4.50/src/exim.c~ 2005-02-17 14:49:11.000000000 +0000 +++ exim-4.50/src/exim.c 2005-02-23 16:29:34.000000000 +0000 @@ -4698,7 +4698,7 @@ while (more) if (geteuid() != root_uid && !deliver_drop_privilege && !unprivileged) { - (void)child_exec_exim(CEE_EXEC_EXIT, FALSE, NULL, FALSE, 2, US"-Mc", + (void)child_exec_exim(CEE_EXEC_EXIT, TRUE, FALSE, NULL, FALSE, 2, US"-Mc", message_id); /* Control does not return here. */ } --- exim-4.50/src/smtp_in.c~ 2005-02-17 14:49:11.000000000 +0000 +++ exim-4.50/src/smtp_in.c 2005-02-23 16:29:54.000000000 +0000 @@ -3423,7 +3423,7 @@ while (done <= 0) break; } etrn_command = US"exim -R"; - argv = child_exec_exim(CEE_RETURN_ARGV, TRUE, NULL, TRUE, 2, US"-R", + argv = child_exec_exim(CEE_RETURN_ARGV, FALSE, TRUE, NULL, TRUE, 2, US"-R", smtp_data); } --- exim-4.50/src/functions.h~ 2005-02-17 14:49:11.000000000 +0000 +++ exim-4.50/src/functions.h 2005-02-23 16:33:17.000000000 +0000 @@ -52,7 +52,7 @@ extern int auth_get_no64_data(uschar extern uschar *auth_xtextencode(uschar *, int); extern int auth_xtextdecode(uschar *, uschar **); -extern uschar **child_exec_exim(int, BOOL, int *, BOOL, int, ...); +extern uschar **child_exec_exim(int, BOOL, BOOL, int *, BOOL, int, ...); extern pid_t child_open_uid(uschar **, uschar **, int, uid_t *, gid_t *, int *, int *, uschar *, BOOL);