On Tue, Mar 15, 2005 at 11:19:59PM +0200, Timo Sirainen wrote:
On Sun, 2005-03-13 at 23:41 -0800, BSD Mail wrote:
root dovecot 481 5 tcp4 10.0.1.4:993 *:* root dovecot 481 6 tcp4 10.0.1.4:995 *:*
Fine for the first six lines it's doing what it's doing. But the last two lines are running as root. That is why I want to chroot the server. I would like if anyone can point me to some howto or notes on how to do so. If there is none I will have to configure a jail just for this purpose.
The chrooting options in config file are meant for chrooting login, auth, imap and pop3 processes. By default it's chrooting login processes. Having the master process itself chrooted isn't supported..
Does FreeBSD prevent root user from escaping chroot? Last I heard Linux didn't even try.
The whole point is that once you use chroot() then you're supposed to drop privs.