Hi,
A week ago I submitted an early patch, please ignore it. The patch
attached to this email has been tested and seems to work for me. I
have also attached instead of inline to solve problems with spaces/tabs.
The patch will, on systems that have libcap support, drop capabilities
that Dovecot doesn't need. For example there is no need for
CAP_SYS_MODULE, which enables module loading or
CAP_SYS_PTRACE/CAP_SYS_ADMIN/etc. If libcap isn't installed then
nothing will change, this is a compile-time only enhancement that
isn't configurable.
Personally I did not find that CAP_SYS_CHROOT was needed in order for
me to authenticate and access my mailbox, but I haven't configured
anything special with chrooting (yet). I added it because I see
chroot() is used in src/lib/restrict-access.c.
The patch was generated against 1.0-rc24 and tested with clients imp
and Thunderbird. My configuration uses a virtual passdb, requires TLS
for AUTH and exports auth-master under a different account. All of
this appears to work correctly.
I'd appreciate any comments, perhaps this will help safeguard the
1000EUR on non-hardened systems :)
David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dovecot-add-capability-dropping.patch
Type: text/x-patch
Size: 1829 bytes
Desc: not available
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20070227/f6757402/attachment-0002.bin>
