Hello,
Am 22.09.2015 um 00:37 schrieb Stephan Bosch:
Op 9/21/2015 om 2:34 PM schreef Hajo Locke:
Hello,
i use sieve extension sieve_extprograms to send incoming mail to some script. For security reasons it is needed that script-paths etc. are registered in dovecot.conf This is my current dovecot.conf
plugin { sieve = ~/.dovecot.sieve sieve_plugins = sieve_extprograms sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.filter +vnd.dovecot.execute sieve_pipe_bin_dir = /usr/local/bin/ sieve_filter_bin_dir = /usr/local/bin/ }
.dovecot.sieve example:
if address "to" "test@example.com" { filter "myfilter"; } Uhh.. you're pointing extprograms to a directory where many programs can be installed by default. That is unwise to put it mildly. Do not allow Sieve to execute random programs like this. Typical use is to point it to a directory of scripts that check their arguments vigorously for malicious use, not common system tools.
We use some global scripts for mail-processing which are located in /usr/local/bin/ Just a bunch of scripts is available, others are blocked by chmod+apparmor. Users cant upload own scripts to /usr/local/bin
This is all working without problems.
Is there a possibility to allow users the execution of individual scripts in own homepath? Some people need to pipe mails to scripts for immediately processing (some ticketsystems need this). Is there a way to make this possible with sieve? It is generally not a good idea to let any user just execute any program they like from Sieve. The LMTP seteuid root privileges are dropped before executing the program, but still...
I dont see the big problem here. we migrating from mbox to mdbox and by the way we have to switch from procmail to sieve. procmail is a dinosaur but reliable. starting scripts etc. all is possible. procmail/sieve are running with userprivileges.
Our users cant reach other mailboxes/useraccounts, additional we use apparmor to prevent curious OS-access. may be 0.5 or 1% of users want to use individual scripts but in a hosting company it is not easy to tell that long time used technics get abolished.
Complete disabling to run individual scripts may be good for standard-users, but admins should not be restricted without chance of change.
About your question: the extprograms plugin currently supports only one directory for programs. You could use those scripts to execute/include a script in the user's directory, e.g. based on script parameters. You can also set sieve_*_bin_dir from userdb, to make these user-specific.
We already use plenty userdb settings. i will try to add sieve_*bin_dir, but it seems of cost of our global-scripts in /usr/local/bin/ .
Regards,
Stephan.
Thanks, Hajo