[Dovecot] How to achieve proper privilege separation?

"Tóth Attila" atoth at atoth.sote.hu
Fri Feb 24 21:35:46 EET 2012


It was probably caused by a bug already corrected. And not by dovecot.

commit 4fd554e3a097b22c5049fcdc423897477deff5ef
Author: Brad Spengler <spender at grsecurity.net>
Date:   Mon Feb 20 09:17:57 2012 -0500

    Fix wrong logic on capability checks for switching roles, broke policies
    Thanks to Richard Kojedzinszky for reporting

I'll test it with an updated kernel containing the fix.

Thx:
Dw.
-- 
dr Tóth Attila, Radiológus, 06-20-825-8057
Attila Toth MD, Radiologist, +36-20-825-8057

2012.Február 24.(P) 00:28 időpontban Timo Sirainen ezt írta:
> On 24.2.2012, at 1.26, Timo Sirainen wrote:
>
>> On 23.2.2012, at 21.56, Tóth Attila wrote:
>>
>>> In the mean time I've upgraded to 2.1.
>>> I've enabled debug logging and logged in.
>>>
>>> I suspect that hardening features can be blamed for my problem. After
>>> booting a previous kernel the behavior was reverted.
>>
>> OK.
>
> BTW. It would be interesting to know if the attached patch causes it to
> fail with the hardening patches.
>




More information about the dovecot mailing list