[Dovecot] passwd, gid and uid
Thomas Leuxner
tlx at leuxner.net
Sat Dec 25 11:33:35 EET 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Am 25.12.2010 um 01:55 schrieb Mauricio Tavares:
> What should the uid and gid be associated with? In my setup I told postfix to use Dovecot LDA's deliver, which then is saving files as uid:gid of 1500:1500. How would that affect the uid:gid used in the passwd file? From what I read in the dovecot's wiki, you want them *not* to be anything that has the rights to access the emails. So, does that mean any value for them will do?
As you are using 'passwd' files instead of real system users you should probably set them to the same non-existing UIDs and GIDs used in the LDA setup. The "access problem" is set around scenarios where one would gain the elevated rights of a Dovecot component and thus could (possibly) access other users mail utilizing the same UIDs/GIDs. Not to mention compromised system accounts using the same.
http://wiki.dovecot.org/UserIds
Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iEYEARECAAYFAk0VunQACgkQ+meF/S97aXgRnQCgq9RrsXTdbylnyfZx6tbgESTg
0AAAn2E+pbIJe613SF98wwEwS6XpS53l
=tOim
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list