[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: problem with Postfix port



On Thu, 24 Dec 1998, Matthew Patton wrote:

# What I haven't figured out is what to do with mail.local or
# /var/spool/mqueue. Right now mail.local bitches about having to be root. 
# The offending code can be yanked. The issue though is how to safely
# append to the user's mail file. Either we don't attempt to become the
# user (which requires root) while processing his mail box, or we make his
# mailbox writable by group "mailer" or something. Is that a reasonable
# thing to do? My ultra short-term solution is to suid mail.local again. 

	This is easily fixed by replacing the mail system.  Cyrus is much
safer in this respect.  Only Cyrus can read/write in the mail directories,
and it never touches root.  It's not the only system that does this. 
Yeah, it means you gotta use POP or IMAP, but at some point, you have to
stop trying to work around something that's broken.  IMAP means you can no
longer check your mail with the mail(1) command (unless someone adds IMAP
support), but given a decent mail reader, IMAP gives you as much
flexibility as you would have with local mail but you get the happy safe
feeling of not having a server running as root to read your mail.

--
SA, beyond.com           My girlfriend asked me which one I like better.
pub  1024/3CAE01D5 1994/11/03 Dustin Sallings <dustin@spy.net>
|    Key fingerprint =  87 02 57 08 02 D0 DA D6  C8 0F 3E 65 51 98 D8 BE 
L_______________________ I hope the answer won't upset her. ____________