[ITP] postfix 2.11.3
Christian Franke
Christian.Franke@t-online.de
Fri Nov 21 21:48:00 GMT 2014
Corinna Vinschen wrote:
>> See above (It always switches to $mail_owner and does never use
>> chown()).
>>
>> From postsuper.c:
>>
>> * All file/directory updates must be done as the mail system owner.
>> This
>> * is because Postfix daemons manipulate the queue with those same
>> * privileges, so directories must be created with the right ownership.
>>
>>
>>> In theory postsuper should just use the
>>> account it's running under on Cygwin.
>> In (upstream) theory & practice, it should run with least privileges,
>> which is good :-)
> Well, passwd -R is still some mild variation of security by obscurity, and it might not be allowed in some environments.
Further investigation shows that with a few modifications, postsuper
could be run without passwd -R - except the rare case that the
hash_queue_depth was changed for already queued messages.
> But then again, what company would actually use postfix on Cygwin as their MTA? Never mind,then.
There already is a related warning in the Cygwin/postfix.README file.
Christian
More information about the Cygwin-apps
mailing list