On 2023-09-08, jeremy ardley via dovecot wrote:
The scenario you describe does not consider a breach of the web mail service that allows root access to the file system.
If the web service is compromised to that extent then the mail file store is also compromised.
If the mail file store is on a different device then an exploit has to not only breach the web service on the interface device, it then has to breach the remote store. This will be extremely difficult compared to simply breaching a web server and locally exploiting it.
When the dovecot server is on a remote system and correct firewalls are in place, then the attacker has to breach the imap protocols as well
But if root access is gained on the web server, root access is also gained on roundcube. And mails, the important thing to protect, can be freely read/deleted. At this point root access on the dovecot server does not matter.
Since when does a hacked website gain root? What argument is next, when your storage solution is hacked they have access to your files? Are you not working with linux? How frequent are exploits that give you a root. You can even run the webserver without root, because you only need binding the low port linux capability. So if your webserver process does not even run root, how can it gain it?