#! /bin/sh /usr/share/dpatch/dpatch-run
## 91_drop_privs.dpatch by dean gaudet <dean@arctic.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad spamassassin-3.0.1/spamd/spamd.raw /home/dean/tmp/dpep.fbW5Mo/spamassassin-3.0.1/spamd/spamd.raw
--- spamassassin-3.0.1/spamd/spamd.raw	2004-10-26 23:20:24.000000000 -0700
+++ /home/dean/tmp/dpep.fbW5Mo/spamassassin-3.0.1/spamd/spamd.raw	2004-10-26 23:20:46.000000000 -0700
@@ -1398,6 +1398,11 @@
     else {
       logmsg("info: setuid to $username succeeded");
     }
+    # increase paranoia when we only handle one client per child
+    if ($clients_per_child == 1) {
+      $( = $);                       # real gid
+      $< = $>;                       # real uid. we now cannot setuid anymore
+    }
   }
 
   #