
Re: Bug#470994: mail_spool default mode is 0660



On Tue, Mar 18, 2008 at 11:53:29AM +0100, Raphael Hertzog wrote:
> On Tue, 18 Mar 2008, Josip Rodin wrote:
> > Or they don't use root at all for the MDA, instead setuid'ing to the user
> > itself. See also #405584.
> 
> If you didn't had to setuid to the user, you wouldn't need to be root in
> the first place. That's what Russ is explaining you. And an IMAP/POP daemon
> running without root privilege might be preferable.

parse error :) but yes. I can see the theoretical advantage, yes, but do
we have this in practice? It doesn't look like it. Dovecot, UW i{map,pop}d
and Courier all seem to 'log in' as the user by doing something like
setuid(getuid()), and use the mail group only to get dot-lock capability
in /var/mail. Is there any other relevant mail software that needs to be
checked?

-- 
     2. That which causes joy or happiness.

