Skip to content

Commit c56bb14

Browse files
author
Florian Schaal
committed
more restrict permissions for dkim-keys
1 parent 22011d1 commit c56bb14

File tree

1 file changed

+14
-1
lines changed

1 file changed

+14
-1
lines changed

server/plugins-available/mail_plugin_dkim.inc.php

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -196,8 +196,21 @@ function write_dkim_key($key_file, $key_value, $key_domain) {
196196
$public_key='';
197197
foreach($pubkey as $values) $public_key=$public_key.$values."\n";
198198
/* save the DKIM Public-key in dkim-dir */
199-
if ( $app->system->file_put_contents($key_file.'.public', $public_key) )
199+
if ( $app->system->file_put_contents($key_file.'.public', $public_key) ) {
200200
$app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
201+
if($app->system->is_user('amavis')) {
202+
$amavis_user='amavis';
203+
} elseif ($app->system->is_user('vscan')) {
204+
$amavis_user='vscan';
205+
}
206+
else {
207+
$amavis_user='';
208+
}
209+
if($amavis_user!='') {
210+
$app->system->chown($key_file.'.private', $amavis_user);
211+
$app->system->chmod($key_file.'.private', 0440);
212+
}
213+
}
201214
else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
202215
} else {
203216
$app->log('Unable to save DKIM Private-key to '.$key_file.'.private', LOGLEVEL_ERROR);

0 commit comments

Comments
 (0)