[Dovecot] v1.0 vs 1.1b re: Postfix and Dovecot LDA

Bill Cole dovecot-20061108 at billmail.scconsult.com
Fri Sep 28 02:53:23 EEST 2007


At 3:58 PM -0400 9/26/07, Jerry Yeager  imposed structure on a stream 
of electrons, yielding:
>In running the various 1.0.n versions of Dovecot's LDA with the 
>instructions in the wiki for using LDA with Postfix [on OS X 10.4] 
>things went well using the instructions as-is (no setuid problems).
>
>This changed in moving over to the 1.1 beta. The LDA refused to work 
>failing with the error "setgroups() failed: Operation not permitted" 
>as I mentioned in a previous message.

That looks like a bug. A program that calls setgroups() must be 
running as root. It seems to me that a code path leading to such a 
call should probably be able to identify that issue before the call 
and provide a better failure message than translating EPERM into its 
standard meaning....

The interesting question would be: why does deliver want to call 
setgroups() at all?


>After reading the exchange between Bill Cole and Rich Winkel and 
>following up on this, it seems that the new 1.1b wants you to give 
>the Deliver app specific setuid permission via:
>
>cd /path/to/where/dovecot's/deliver/is
>
>sudo chmod u+s deliver
>
>Then things worked as before. There was no need to give the group 
>'s' permission nor to change ownership of deliver from the default 
>root:staff or root:wheel or whomever... . The error message seems 
>odd though.
>
>
>I am not sure if, overall, this means there is a problem in Dovecot 
>1.0.n or that things are being tightened up in 1.1b.
>
>Thanks Bill and Rich for the tip!

I'd love to take credit, but I thought that was about the LDA with 
Sendmail, which is rather different, and Rich was running 1.0.3...

In any event, I won't go so far as to say that running deliver as 
setuid root is actively dangerous, but it feels wrong to me and I 
wouldn't do it. That may be from too much exposure to bizarre attacks 
through delivery agents in the Dark Ages.

That it works without being setuid on Linux is a touch odd.


-- 
Bill Cole                                  
bill at scconsult.com
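As an added example (not Dovecot's code and not from this thread), a privilege-drop helper of the kind the reply above asks for: it checks the effective uid before ever calling setgroups(), so a non-setuid deliver reports "not running as root" instead of a bare EPERM, and it goes one step further by confirming root cannot be regained after the drop. The lda_* names are hypothetical, and treating euid 0 as the precondition is an assumption (on Linux the exact requirement is CAP_SETGID, which euid 0 normally carries).

```c
#define _DEFAULT_SOURCE          /* declares setgroups() in <grp.h> on glibc */
#include <grp.h>
#include <sys/types.h>
#include <unistd.h>

/* Status codes of this hypothetical privilege-drop helper (not Dovecot's code). */
enum lda_status {
    LDA_OK = 0,
    LDA_NOT_ROOT,         /* would call setgroups() without root: refuse early */
    LDA_SETGROUPS_FAILED,
    LDA_SETGID_FAILED,
    LDA_SETUID_FAILED,
    LDA_PRIVS_RETAINED    /* drop "succeeded" but root could be regained */
};

/* Pure check, testable without being root. Assumption: euid 0 stands in for
 * the real requirement (CAP_SETGID on Linux), a conservative approximation. */
enum lda_status lda_check_can_setgroups(uid_t euid)
{
    return euid == 0 ? LDA_OK : LDA_NOT_ROOT;
}

/* Name the cause instead of echoing strerror(EPERM) to the admin. */
static const char *const lda_status_msg[] = {
    [LDA_OK]               = "ok",
    [LDA_NOT_ROOT]         = "not running as root (binary not setuid root?), refusing to change groups",
    [LDA_SETGROUPS_FAILED] = "setgroups() failed",
    [LDA_SETGID_FAILED]    = "setgid() failed",
    [LDA_SETUID_FAILED]    = "setuid() failed",
    [LDA_PRIVS_RETAINED]   = "root privileges could still be regained after the drop",
};
const char *lda_status_str(enum lda_status s) { return lda_status_msg[s]; }

/* Drop root to the destination user: supplementary groups first, then gid,
 * then uid, and confirm the drop is permanent before touching any mailbox. */
enum lda_status lda_drop_privileges(uid_t uid, gid_t gid)
{
    enum lda_status st = lda_check_can_setgroups(geteuid());
    if (st != LDA_OK)
        return st;                       /* diagnose before the syscall, not after */
    if (setgroups(1, &gid) != 0)
        return LDA_SETGROUPS_FAILED;
    if (setgid(gid) != 0)
        return LDA_SETGID_FAILED;
    if (setuid(uid) != 0)
        return LDA_SETUID_FAILED;
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return LDA_PRIVS_RETAINED;       /* saved-uid leak: not a real drop */
    return LDA_OK;
}
```

Run as an ordinary user, lda_drop_privileges() returns LDA_NOT_ROOT without making a single privileged syscall; run setuid root, it either ends up as the destination user for good or reports exactly which step failed.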


