[Dovecot] Permissions when running `dovecot --exec-mail imap`

Tim Marston tim at ed.am
Thu Jan 24 00:59:44 EET 2013


On Wed, Jan 23, 2013 at 10:03:50AM +0200, Timo Sirainen wrote:
> On 22.1.2013, at 21.44, Tim Marston <tim at ed.am> wrote:
> >  # chgrp mail /usr/bin/dovecot
> >  # chmod g+s /usr/bin/dovecot
> > 
> > I am still able to use IMAP normally, and I am now also able to set up
> > mutt with the following:
> You've now basically given any user ability to run any process with mail group privileges.

OK, I've un-done that.  Thanks.  :o)

Just out of interest, if I did this:

  # chgrp mail /usr/lib/dovecot/imap
  # chmod g+s /usr/lib/dovecot/imap

and set up mutt to run that insead, would that be any better?

> Other possibilities:
> b) Don't use dotlocking: mbox_write_locks = fcntl

OK, this looks like a good solution.  I will look in to this.

Thanks very much for the help.  :o)

All the best,

Tim Marston

More information about the dovecot mailing list