Re: RFC: Running Postfix chrooted in Debian
On 12/16/24 17:45, rhys wrote:
> However, privilege escalation is still a serious issue and should not be
> minimized by its likelihood.
I didn't, my point is that I think they are better/more effectively
adressed with other mechanims (systemd unit hardening) than chroot.
> The "REAL" danger is the system takeover, as it is much more damaging to surrounding systems, harder to detect, and harder to recover from.
compromised mail relays can happen (as with any other system) but they
are relatively easy to spot, taken out of service and resetup
automatically, ymmv.
> Using chroot is sometimes used as an excuse to leave things UNsafe, for obvious reasons. Better to fix the underlying issues and have a less complex system. Less complexity means easier to support, troubleshoot, AND keep secure.
which is why I'm in favour of dropping chroot here.
> But let us not minimize the importance of keeping our systems "un-pwned" by botnet operators. It's not about YOU. It's not about YOUR data. It's about not allowing your resources to become tools for malicious actors to use against everyone else.
nobody disagrees that the security of our/our users data and systems
matter and is of importance to us. thanks nevertheless for putting an
emphasis on it.
Regards,
Daniel
Reply to: