[dovecot] Group ID validation and FreeBSD
Dominic Marks
dom at cus.org.uk
Tue Apr 15 19:00:32 EEST 2003
Hey,
I've been working on making the Dovecot FreeBSD port resemble something
which actually works this weekend, it's now much improved - one thing
that I did notice is that Dovecot validates a users GID and will not
accept a group id of 0. In FreeBSD the group wheel has a the id 0 and
only members of the wheel group are allowed to use su and become root.
Consequently there are non-root users who have group id's of 0. When you
try and open the mailbox of such a user with Dovecot the connection is
killed immediately.
It would be excellent to have an option in dovecot.conf along the lines
of allow_zero_gid which would disable these checks. From a quick look at
the source I can see that the validation is being done in
src/master/mail-process.c and that src/lib/restrict-access.c is also
involved. If I can get a working patch ready quickly I'll pass it along.
If anyone would like to take a look at the port you can get a copy at
the following address:
http://cus.org.uk/~dom/dovecot-0.99.8.1.shar.gz
Hopefully this will go into FreeBSD CVS quite soon.
Thanks,
--
Dominic
<dom at cus.org.uk> <d.marks at student.umist.ac.uk>
More information about the dovecot
mailing list