[Dovecot] Running auth as root

Timo Sirainen tss at iki.fi
Tue Aug 31 22:10:05 EEST 2010


On Tue, 2010-08-31 at 21:07 +0200, Egbert Jan van den Bussche wrote:
> > If your /etc/shadow is readable by "shadow" group, you can use
> > auth_user=something that uses shadow group as the primary group (maybe
> > create a new "doveauth" user).
> >
> 
> TNX Timo. I have added vmail to the shadow group. Now it may read 
> /etc/shadow.

That doesn't sound like such a good idea. Now all imap/pop3/etc
processes can read your /etc/shadow. Only auth process needs to do that.




More information about the dovecot mailing list