[Dovecot] symbolic links to root node
Martin Preen
preen at informatik.uni-freiburg.de
Fri Jan 25 16:10:59 EET 2008
Timo Sirainen wrote:
> On Fri, 2008-01-25 at 14:48 +0100, Martin Preen wrote:
>
>>Hello,
>>I have a question about the way Dovecot limits file system access.
>>Currently we're using Dovecot 1.0.5 (Solaris 10).
>>
>>In some cases users have a symbolic link like "z: -> /" in their
>>mail directory. As a result there are log entries like
>>
>>Jan 25 13:30:31 imap1 dovecot: [ID 107833 mail.error] IMAP(xyz):
>>stat(/home/xyz/.wine/dosdevices/c:/windows/profiles/xyz/.../z:/proc/28381/root/proc/28381/.../root/proc/28381/Player/#SharedObje
>>Jan 25 13:30:31 imap1 dovecot: [ID 107833 mail.error] IMAP(xyz): x) failed: File
>>name too long
>
>
> So you're exposing the entire home directory to Dovecot? Everything
> would go a lot more nicely (and faster) if Dovecot would have access
> only to actual mailboxes. Can't you just force everyone to use e.g.
> ~/mail/ directory (mail_location = mbox:~/mail)?
It is on my long term ToDo list (I would prefer that). But actually it is
very difficult to realize that in our environment.
Currently we're saying that one should configure an IMAP server directory
(but most users don't want to read the documentation).
>>Is there something I can do (these links should be ignored) ?
>>Or is it a bug ?
>
>
> I don't think Dovecot should ignore those kind of errors, because if it
> happens on a normal mail directory, it's most likely a problem sysadmin
> should know about and fix. But in this kind of a mixed system.. well,
> modifying sources would be the only solution.
Ok.
Martin
---------------------------------------------------------------
Martin Preen, Universität Freiburg, Institut für Informatik
Georges-Koehler-Allee 52, Raum 00-006, 79110 Freiburg, Germany
phone: ++49 761 203-8250 preen at informatik.uni-freiburg.de
fax: ++49 761 203-8242 www.informatik.uni-freiburg.de
More information about the dovecot
mailing list