Create a malicious directory

L A Walsh dovecot at tlinx.org
Mon May 20 20:30:00 EEST 2019


First, you might want to control access to who is allowed to use
your server, your email and dovecot.  If they are malicious, maybe you
want to disallow their access.

Second, you might want to make sure that dovecot and doveadm,
do not have permissions to run programs outside of a few that
are needed.  Perhaps put them in a chroot jail?

Or install a stronger kernel security module.  Some disallow things
by roles, some disallow things by labels and some by path. 
You can also set a file to be
append only, so delete won't work on it (see chattr(1)).

There are quite a few ways to add more security, but such issues
are complex and well beyond the scope of this list.  If you
are concerned with security, and don't know how to configure it,
consider disallowing all access to your server, except for yourself.

*cheers*







On 2019/05/19 21:22, lty via dovecot wrote:
>
> Use scripts to create some malicious directories. Here is my creation
> process. How can I prevent the creation of these directories?
> I used the python imapclient script to create a directory.
>
> There may be no big threat to dovecot, but it is dangerous for doveadm.
>
On 2019/05/19 18:22, hfh via dovecot wrote:

Directory name have some malicious characters, is it safe?How can I
exclude some characters,thanks!大笑


--------------------
Realistically, nothing is 100% safe unless it is stored in 100ft of
concrete and buried where no one can find it.  Safety and usability are
ever at odds
with one another.



More information about the dovecot mailing list