[Dovecot] Why can NOT login as root
other at ahhyes.net
Tue Sep 20 06:49:23 EEST 2011
On Tue, 20 Sep 2011 02:50:32 +0300, Timo Sirainen wrote:
> On 20.9.2011, at 2.22, Linda Walsh wrote:
>> I can log in via SSH, so why not allow it with secure IMAP? I
>> really, if someone wants to run as root with no password Dovecot
>> should be **configurable** to allow this -- as we can't always
>> understand the of end users.
> Because there's no good reason to read mails as root. If you can give
> me a good reason I might reconsider, but I highly doubt that's going
> to happen.
> Anyway it's mainly about making sure that in the case of some
> internal security hole (or misconfiguration) in Dovecot at least that
> security hole couldn't be leveraged to gain root privileges that
> allow reading everyone's mails.
>> Example. You have a system on which root uid=0 means nothing
>> (assigns no privs -- all assigned via privilege/capability bits).
>> This means Dovecot is hardcoded to lock out a user that may have no
>> privileges, but has no prob permitting access to those with full
>> Capability/priv sets.
> Rare, and in such cases irrelevant.