[Dovecot] Chrooting dovecot.
Brad
brad at comstyle.com
Wed Mar 30 06:49:38 EEST 2005
On Tue, Mar 15, 2005 at 11:19:59PM +0200, Timo Sirainen wrote:
> On Sun, 2005-03-13 at 23:41 -0800, BSD Mail wrote:
> > root dovecot 481 5 tcp4 10.0.1.4:993 *:*
> > root dovecot 481 6 tcp4 10.0.1.4:995 *:*
> >
> > Fine for the first six lines it's doing what it's doing. But the last
> > two lines are running as root. That is why I want to chroot the
> > server. I would like if anyone can point me to some howto or notes on
> > how to do so. If there is none I will have to configure a jail just
> > for this purpose.
>
> The chrooting options in config file are meant for chrooting login,
> auth, imap and pop3 processes. By default it's chrooting login
> processes. Having the master process itself chrooted isn't supported..
>
> Does FreeBSD prevent root user from escaping chroot? Last I heard Linux
> didn't even try.
The whole point is that once you use chroot() then you're supposed to
drop privs.
More information about the dovecot
mailing list