[dovecot] Re: inetd/xinetd/tcpserver support
Charlie Brady
charlieb-dovecot at e-smith.com
Thu Mar 20 10:27:39 EET 2003
On 20 Mar 2003, Timo Sirainen wrote:
> On Thu, 2003-03-20 at 03:30, Charlie Brady wrote:
> > I have a working tcpserver system, but one using a substantially different
> > process mix. I haven't used imap-login at all, but have used
> > imapfront-auth from Bruce Guenter's mailfront package
> > (http://www.untroubled.org/mailfront/).
> >
> > 002 login foo xxxxx
> > * PREAUTH [CAPABILITY IMAP4rev1 SORT THREAD=REFERENCES MULTIAPPEND
> > UNSELECT LITERAL+ IDLE CHILDREN LISTEXT LIST-SUBSCRIBED] Logged in as foo
>
> There's one problem. Dovecot shouldn't reply with PREAUTH but "002 OK".
> Mailfront gives the 002 in environment variable, so you'd have to modify
> Dovecot to use it.
I realised that was a problem. I'm happy to hear that you have a solution
:-)
> Dovecot did before use such variable, but I changed
> it later to send the OK before executing imap process. I don't really
> remember why anymore, but I think there was a good reason :)
Perhaps the reason is to be found in CVS change logs.
I'd really appreciate it if you could point out to me where I'd find the
code which would make use of the variable.
> > Privilege separation is a very good thing. Is there any more detailed
> > documentation of how you have done yours than
> > http://dovecot.procontrol.fi/doc/design.txt?
>
> Not really. And I'm not really sure how I could get it more detailed? :)
> I think that tells the most relevant things.
I guess I asked the wrong question. I shouldn't have asked "how" - I
should have asked "why have you done it that way?". The system you have
seems over complex. Simple solutions (if they work correctly) are always
better.
> > Can you provide any reasons why I should use your imap-master, imap-auth
> > and imap-login proceses rather than my mix'n'match setup? I'm confident
> > that my setup has the simple, secure, reliable characteristics that I
> > need, whereas I don't have the same confidence in your process set - it
> > seems unnecessarily complex to me.
>
> Well, your setup doesn't have privilege separation :) It runs as root
> all the way until imap process is started. I looked at mailfront and it
> looked good, but I wouldn't be that confident after you add SSL support.
> There's been holes in OpenSSL library, and I think there's still more to
> be found (or created). Security holes in it gives instant root access
> with your setup,
Not so. See below.
> with Dovecot setup the process executing SSL is
> non-privileged and chrooted so it's not very likely that attacker could
> do much there.
If you have a look at Scott Gifford's work, he also runs SSL non-root and
chrooted. I agree with you that that is a very significant improvement
over established practice.
> Another problem with mailfront is that it doesn't support IMAP literals,
> eg.:
>
> x login {4}
> user {4}
> pass
>
> I don't know if there's any clients that would do it, but it would be
> valid for them.
Yes, that is a deficiency, but as you point out, probably not practically
relevant at the moment. If it did become a problem, mailfront could be
patched - it's GPL software, and Bruce Guenter can be persuaded to do
commissioned work.
--
Charlie
More information about the dovecot
mailing list