[Dovecot] How to achieve proper privilege separation?
"Tóth Attila"
atoth at atoth.sote.hu
Fri Feb 24 21:35:46 EET 2012
It was probably caused by a bug already corrected. And not by dovecot.
commit 4fd554e3a097b22c5049fcdc423897477deff5ef
Author: Brad Spengler <spender at grsecurity.net>
Date: Mon Feb 20 09:17:57 2012 -0500
Fix wrong logic on capability checks for switching roles, broke policies
Thanks to Richard Kojedzinszky for reporting
I'll test it with an updated kernel containing the fix.
Thx:
Dw.
--
dr Tóth Attila, Radiológus, 06-20-825-8057
Attila Toth MD, Radiologist, +36-20-825-8057
2012.Február 24.(P) 00:28 időpontban Timo Sirainen ezt írta:
> On 24.2.2012, at 1.26, Timo Sirainen wrote:
>
>> On 23.2.2012, at 21.56, Tóth Attila wrote:
>>
>>> In the mean time I've upgraded to 2.1.
>>> I've enabled debug logging and logged in.
>>>
>>> I suspect that hardening features can be blamed for my problem. After
>>> booting a previous kernel the behavior was reverted.
>>
>> OK.
>
> BTW. It would be interesting to know if the attached patch causes it to
> fail with the hardening patches.
>
More information about the dovecot
mailing list