[Dovecot] Chrooting the Mail processes
Timo Sirainen
tss at iki.fi
Sun Aug 24 16:07:42 EEST 2003
On Sun, 2003-08-24 at 15:49, Bert Koelewijn wrote:
> valid_chroot_dirs = /home
> default_mail_env = mbox:/home/%u/mail/:INBOX=/home/%u/mail/INBOX
>
> Are there any obvious ways for a local user to help dovecot escape the
> chroot jail?
Not really. They can of course create hardlinks elsewhere in /home.
> How can I check that dovecot is REALLY using /home as chroot jail for
> the imap process?
It's not chrooting anywhere yet with those settings. Hmm. I think I'd
need to add "mail_chroot" setting which would specify the default
chroot.
For now you'd have to change user's home directories to contain /./ to
speficy chroot. Like "/home/./user".
More information about the dovecot
mailing list