This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ITP] postfix 2.11.3


On Nov 21 22:48, Christian Franke wrote:
> Corinna Vinschen wrote:
> >>See above (It always switches to $mail_owner and does never use
> >>chown()).
> >>
> >> From postsuper.c:
> >>
> >>* All file/directory updates must be done as the mail system owner.
> >>This
> >>    * is because Postfix daemons manipulate the queue with those same
> >>* privileges, so directories must be created with the right ownership.
> >>
> >>
> >>>    In theory postsuper should just use the
> >>>account it's running under on Cygwin.
> >>In (upstream) theory & practice, it should run with least privileges,
> >>which is good :-)
> >Well, passwd -R is still some mild variation of security by obscurity, and it might not be allowed in some environments.
> 
> Further investigation shows that with a few modifications, postsuper could
> be run without passwd -R - except the rare case that the hash_queue_depth
> was changed for already queued messages.

Nice.  Is the latter a likely operation?  I'm running my own postfix on
Linux, but I never changed hash_queue_depth, I'm sure.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpheoB31_4Wa.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]