[Dovecot] Securing mailboxes and passwords
Timo Sirainen
tss at iki.fi
Wed Feb 25 02:11:43 EET 2009
On Wed, 2009-02-25 at 00:38 +0100, Daniel Aleksandersen wrote:
> Sendt: Wed, 25 Feb 2009 00:29:17 +0100
> Fra: Pascal Volk
> > On 25.02.2009 00:25 Daniel Aleksandersen wrote:
> > > The recepie assumes I have a group called secmail. I don’t. Am I supposed to create
> > > a special group for this purpose?
> >
> > Yes, if the group does not exists, you have to create it. You could call
> > it whatever you want.
>
> I created the group and set the permissions to deliver as described in the recepie. I
> then added just about every user to that group.
No, don't do that. The point of it was to make deliver executable only
by your MTA, no one else. If other people were able to execute it, they
could gain root privileges.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090224/584f8b83/attachment.bin
More information about the dovecot
mailing list