Hi,
A week ago I submitted an early patch, please ignore it. The patch
attached to this email has been tested and seems to work for me. I
have also attached instead of inline to solve problems with spaces/tabs.
The patch will, on systems that have libcap support, drop capabilities
that Dovecot doesn't need. For example there is no need for
CAP_SYS_MODULE, which enables module loading or
CAP_SYS_PTRACE/CAP_SYS_ADMIN/etc. If libcap isn't installed then
nothing will change, this is a compile-time only enhancement that
isn't configurable.
Personally I did not find that CAP_SYS_CHROOT was needed in order for
me to authenticate and access my mailbox, but I haven't configured
anything special with chrooting (yet). I added it because I see
chroot() is used in src/lib/restrict-access.c.
The patch was generated against 1.0-rc24 and tested with clients imp
and Thunderbird. My configuration uses a virtual passdb, requires TLS
for AUTH and exports auth-master under a different account. All of
this appears to work correctly.
I'd appreciate any comments, perhaps this will help safeguard the
1000EUR on non-hardened systems :)
David