[Dovecot] Postfix & Dovecot LDA
Láďa
durchanek at gmail.com
Mon Jan 22 20:08:25 UTC 2007
My apologies, I went back and the correct is that I asked whether it is not
unsafe and you did not reply anything. So I remembered it as "Yes, it safe".
Btw. question about benefits is interesting me too, because I can not see
any now and I am planning to move everything under single UID.
Láďa
-----Original Message-----
From: Timo Sirainen [mailto:tss at iki.fi]
Sent: Monday, January 22, 2007 8:53 PM
To: Láďa
Cc: 'Jochen Schulz'; 'Dovecot Mailing List'
Subject: Re: [Dovecot] Postfix & Dovecot LDA
On Mon, 2007-01-22 at 18:12 +0100, Láďa wrote:
> Hi,
> I have a setup, which is the same (currently in testing).
>
> Main problem is that LDA has to switch its privileges to the owner of mail
> so it has to be run as root. Marking it suid solves the problem, than you
> can change it to be executable only by Postfix.
> Timo says that this is the safe way and I personally believe him :-)
I don't remember saying it's completely safe, but it's about the only
possibility there is currently. There may be bugs that allow local
attackers to get root privileges using the suid-root deliver. To make it
safer, you could put the suid-root deliver into a directory that only
postfix has access to. The whole Dovecot's libexec-dir could actually be
made that way, as long as you're not using
mail_drop_priv_before_exec=yes.
More information about the dovecot
mailing list