Comment 2 for bug 1849712

I agree on the bug, but not the solution. It turns out that libmilter will handle this itself based on umask:

https://www.mirbsd.org/htman/i386/manDOCS/milter/smfi_setconn.html

The default uMask setting should yield an appropriately owned socket. I think we can just drop own_socketfile(milterconfig) completely. The reason why your patch appears to work is that the permissions have already been set by the time own_socketfile(milterconfig) is run. Since the milter has already dropped privileges at that point, if the socket was still root owned, it would fail.

Thanks for the feedback. There's already a pending update in Debian (to 1.0.2) that doesn't address this issue, so don't be surprised when you get an update and this isn't fixed.