On Jul 23, 2008, at 9:31 AM, Edgar Fuß wrote:
I fully understand Timo's concern of people not reading
documentation and then whining that librwapping doesn't work whereas
they simply forgot to put hosts.{allow,deny} into the login chroot.
Or they modify it in /etc and wonder why Dovecot doesn't see the
changes.
Would it be acceptable if either dovecot itself or the init script
copies /etc/hosts.{allow,deny} into the chroot (unless it's already
there)?
Then it would also have to keep checking when they change and copy..
Another kind of a problem is that it just makes the master process
more complex again. I'd like this to wait until v2.0's master process
rewrite. Then there could be a separate non-chrooted process that does
tcpwrapper checks and perhaps some other checks.