[Dovecot] Chrooting dovecot.

Brad brad at comstyle.com
Wed Mar 30 06:49:38 EEST 2005


On Tue, Mar 15, 2005 at 11:19:59PM +0200, Timo Sirainen wrote:
> On Sun, 2005-03-13 at 23:41 -0800, BSD Mail wrote:
> > root     dovecot    481   5  tcp4   10.0.1.4:993          *:*
> > root     dovecot    481   6  tcp4   10.0.1.4:995          *:*
> > 
> > Fine for the first six lines it's doing what it's doing. But the last
> > two lines are running as root. That is why I want to chroot the
> > server. I would like if anyone can point me to some howto or notes on
> > how to do so. If there is none I will have to configure a jail just
> > for this purpose.
> 
> The chrooting options in config file are meant for chrooting login,
> auth, imap and pop3 processes. By default it's chrooting login
> processes. Having the master process itself chrooted isn't supported.. 
> 
> Does FreeBSD prevent root user from escaping chroot? Last I heard Linux
> didn't even try.

The whole point is that once you use chroot() then you're supposed to
drop privs.


More information about the dovecot mailing list