[Dovecot] Deliver Root Setuid

Timo Sirainen tss at iki.fi
Sun Dec 3 17:27:56 UTC 2006


On Sun, 2006-12-03 at 18:23 +0100, Láďa wrote:
> Hi,
> I just configured my Postfix installation to deliver via Dovecot LDA.
> But because I use separate uids for virtual domains I had to set
> deliver to be setuid root. Altough I find this as frequent answer to
> this problem with deliver LDA I am not a 100% sure – basically because
> I try to avoid root setuids as much as I can.
> 
> What should be better solution – to have all mailboxes with one owner
> or this setuid binary?

I don't think there's a better way right now. I'll probably change
deliver at some point so that you can run it directly under Postfix's
master instead of going through pipe. Then it can be started as root.

> My main reason for separate uids was filesystem quotas for whole
> domain. But my mail partition resides on XFS so I can do the same with
> directory quotas and I also noticed changes in quotas which should be
> also per domain in some next release or with patch.

I guess you could also use virtual quota (eg. maildir++ quota).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20061203/067144bc/attachment.pgp 


More information about the dovecot mailing list