[Dovecot] tcp-wrappers.patch

Timo Sirainen tss at iki.fi
Mon Aug 4 21:12:59 EEST 2008


On Jul 23, 2008, at 9:31 AM, Edgar Fuß wrote:

> I fully understand Timo's concern of people not reading  
> documentation and then whining that librwapping doesn't work whereas  
> they simply forgot to put hosts.{allow,deny} into the login chroot.

Or they modify it in /etc and wonder why Dovecot doesn't see the  
changes.

> Would it be acceptable if either dovecot itself or the init script  
> copies /etc/hosts.{allow,deny} into the chroot (unless it's already  
> there)?

Then it would also have to keep checking when they change and copy..

Another kind of a problem is that it just makes the master process  
more complex again. I'd like this to wait until v2.0's master process  
rewrite. Then there could be a separate non-chrooted process that does  
tcpwrapper checks and perhaps some other checks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080804/cd5ff745/attachment.bin 


More information about the dovecot mailing list