[Dovecot] How to achieve proper privilege separation?
atoth at atoth.sote.hu
Fri Feb 24 21:35:46 EET 2012
It was probably caused by a bug already corrected. And not by dovecot.
Author: Brad Spengler <spender at grsecurity.net>
Date: Mon Feb 20 09:17:57 2012 -0500
Fix wrong logic on capability checks for switching roles, broke policies
Thanks to Richard Kojedzinszky for reporting
I'll test it with an updated kernel containing the fix.
dr Tóth Attila, Radiológus, 06-20-825-8057
Attila Toth MD, Radiologist, +36-20-825-8057
2012.Február 24.(P) 00:28 időpontban Timo Sirainen ezt írta:
> On 24.2.2012, at 1.26, Timo Sirainen wrote:
>> On 23.2.2012, at 21.56, Tóth Attila wrote:
>>> In the mean time I've upgraded to 2.1.
>>> I've enabled debug logging and logged in.
>>> I suspect that hardening features can be blamed for my problem. After
>>> booting a previous kernel the behavior was reverted.
> BTW. It would be interesting to know if the attached patch causes it to
> fail with the hardening patches.
More information about the dovecot