On Thu, 1 Aug 2019, Timo Sirainen via dovecot wrote:
On 31 Jul 2019, at 20.45, A. Schulze via dovecot <dovecot@dovecot.org> wrote:
On 31.07.19 at 08:27, Sami Ketola via dovecot wrote:
service lmtp {
  user = vmail
}
Please remove user = vmail from here or change it to root.
For security reasons, the lmtp service must be started as root since version 2.2.36. lmtp will drop root privileges after initialization, but it needs to open /self/proc/io as root before that.
Hello Sami,
I don't read "root is required for lmtp" in https://wiki.dovecot.org/LMTP#Security, nor does https://dovecot.org/doc/NEWS-2.2 say so. Could you prove that statement somehow?
Alternative is:
service lmtp {
  user = vmail
  drop_priv_before_exec = yes
}
I'm not sure if you run into other problems with that.
OK, so now I am confused. At https://wiki.dovecot.org/LMTP#Security it says "If you're using only a single global UID/GID, you can improve security by running lmtp processes as that user".
So, if I am using a single UID/GID, then is the above wiki article correct or do I need to change my config?
Regards,
-- Tom me@tdiehl.org