[Dovecot] Securing mailboxes and passwords
Scott Silva
ssilva at sgvwater.com
Wed Feb 25 18:10:11 EET 2009
on 2-24-2009 5:56 PM Daniel Aleksandersen spake the following:
> Sendt: Wed, 25 Feb 2009 01:36:00 +0100 (CET)
> Fra: "Daniel Aleksandersen"
>> Sendt: Tue, 24 Feb 2009 19:11:43 -0500
>> Fra: Timo Sirainent
>>> On Wed, 2009-02-25 at 00:38 +0100, Daniel Aleksandersen wrote:
>>>> Sendt: Wed, 25 Feb 2009 00:29:17 +0100
>>>> Fra: Pascal Volk
>>>>> On 25.02.2009 00:25 Daniel Aleksandersen wrote:
>>>>>> The recepie assumes I have a group called secmail. I don’t. Am I supposed to create
>>>>>> a special group for this purpose?
>>>>> Yes, if the group does not exists, you have to create it. You could call
>>>>> it whatever you want.
>>>> I created the group and set the permissions to deliver as described in the recepie. I
>>>> then added just about every user to that group.
>>> No, don't do that. The point of it was to make deliver executable only
>>> by your MTA, no one else. If other people were able to execute it, they
>>> could gain root privileges.
>> I started added other users just to troubleshoot the problems I have been havnig.
>> It did not work anyways, so I have removed other users from theat group.
>>
>> The permissions still must be 777 or dovecot starts throwing permission errors.
>>
>> I have tried a variety of other permissions including 677, 767, 776. All fail but 777.
>
> ps -ef|grep exim shows that exim is run by user 101. A look into /etc/group reveals
> the user as libuuid. Debian-exim is user 103. Could this be what is causing my
> problems? How do I change what user exim is run as?
/etc/group is the group numbers, not the user numbers. They don't always
coincide. /etc/passwd would have the user numbers.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20090225/5f889259/attachment.bin
More information about the dovecot
mailing list