[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Grsecurity, ssh and postfix



On Fri, 5 Dec 2003 21:45:01 +0100
Florian Weimer <fw@deneb.enyo.de> wrote:

> The privilege separation code invokes chroot(), too.
> 
> Is there a "do not create any new file descriptors" process attribute
> in grsecurity?  If there is, OpenSSH should toggle instead of calling
> chroot() to an empty directory, which is a poor replacement.

Hello,

Thanks for your explanation but i don't know how to do that with
grsecurity. I am looking after this.

I have done a chroot environment for ssh to log in for fetch, read and
send mails with mutt, procmail, fetchmail and postfix. But i would like
to know how i can integrate postfix to this chroot environment. Could
you give me some advices about this ?

Thanks for your help...
Arnaud Fontaine

----- signature
Arnaud Fontaine <dsdebian@free.fr> - http://www.andesi.org/
GnuPG Public Key available at http://www.andesi.org/gpg/dsdebian.asc
Fingerprint: 22B6 B676 332E 23BC CA7D 174D 6D41 235A 23A2 500A

------ fortune
"There are a billion people in China. And I want them to be able to pass
notes to each other written in Perl. I want them to be able to write
poetry in Perl. 

That is my vision of the Future. My chosen perspective."

  -- Larry Wall (Open Sources, 1999 O'Reilly and Associates)

Attachment: pgp2gDV4dHqxX.pgp
Description: PGP signature


Reply to: