Re: Postfix Security Documentation

To: Tomasz Papszun <tomek@lodz.tpsa.pl>
Cc: debian-security@lists.debian.org
Subject: Re: Postfix Security Documentation
From: Lupe Christoph <lupe@lupe-christoph.de>
Date: Wed, 20 Aug 2003 12:59:39 +0200
Message-id: <[🔎] 1061377179.3f43549b7fd28@www.lupe-christoph.de>
In-reply-to: <[🔎] 20030820092816.GC20545@lodz.tpsa.pl>
References: <[🔎] 20030820085555.GD29865@localnet> <[🔎] 20030820092816.GC20545@lodz.tpsa.pl>

Quoting Tomasz Papszun <tomek@lodz.tpsa.pl>:
> On Wed, 20 Aug 2003 at 10:55:55 +0200, Sven Riedel wrote:

> > is there any documentation on securing a postfix server readily
> > available? I didn't find anything much at the postfix homepage, nor in
> > the postfix-doc package. 
> > I'd be especially interested in chrooting postfix processes.

> In Debian, postfix is chrooted by default.

Not true. A number of processes are chrooted, but not all. Please look
at /etc/postfix/master.cf (IIRC). This is a standard feature of Postfix.

Sven, do you want to chroot *all* processes? Postfix is supposed to be
secure out of the box (except for programming errors, as we recently
saw :-( ). So improving Postfix security should be done inside of
Postfix. You may want to you the Postfix mailing list (warning: lots
of traffic!) and ask there.

Lupe Christoph
-- 
| lupe@lupe-christoph.de       |           http://www.lupe-christoph.de/ |
| "Violence is the resort of the violent" Lu Tze                         |
| "Thief of Time", Terry Pratchett                                       |

Reply to:

Follow-Ups:
- Re: Postfix Security Documentation
  - From: Tomasz Papszun <tomek@lodz.tpsa.pl>

References:
- Postfix Security Documentation
  - From: Sven Riedel <sr@gimp.org>
- Re: Postfix Security Documentation
  - From: Tomasz Papszun <tomek@lodz.tpsa.pl>

Prev by Date: Re: ftp.gnu.org cracked
Next by Date: Re: pam doesn't see nis
Previous by thread: Re: Postfix Security Documentation
Next by thread: Re: Postfix Security Documentation
Index(es):
- Date
- Thread