search for: unprivilidg

...sue) * Is there a way to cleanly disable reporting to the stats service? Previously, running as preauth was all very clean. * Just wanted to highlight that IMAP preauth is really useful. Even though it might not be mainstream, it seems healthy to be able to easily install dovecot as an unprivilidged user in a "unixy" way. I'm on FreeBSD 11.2, with dovecot from ports. dovecot.conf below. -- Mark # # Dovecot configuration # mail_location = maildir:~/Maildir postmaster_address = postmaster namespace { inbox = yes } ssl = required ssl_cert = </etc/ssl/lets.crt ssl_ke...

Bill Moran wrote: > This report seems pretty vague. I'm unsure as to whether the alleged > "bug" gives the user any more permissions than he'd already have? Anyone > know any details? This is a local denial of service bug, which was fixed 6 weeks ago in HEAD and RELENG_6. There is no opportunity for either remote denial of service or any privilege escalation. >

...o cleanly disable reporting to the stats service? > Previously, running as preauth was all very clean. > > * Just wanted to highlight that IMAP preauth is really useful. Even > though it might not be mainstream, it seems healthy to be able to easily > install dovecot as an unprivilidged user in a "unixy" way. > > I'm on FreeBSD 11.2, with dovecot from ports. dovecot.conf below. > Can't see anything in the Dovecot 2.3.4 code that would give this problem, setting stats_writer_socket_path = will overwrite the default value and dovecot does not attempt t...

...porting to the stats service? >> Previously, running as preauth was all very clean. >> >> * Just wanted to highlight that IMAP preauth is really useful. Even >> though it might not be mainstream, it seems healthy to be able to easily >> install dovecot as an unprivilidged user in a "unixy" way. >> >> I'm on FreeBSD 11.2, with dovecot from ports. dovecot.conf below. >> > Can't see anything in the Dovecot 2.3.4 code that would give this > problem, setting > > stats_writer_socket_path = > > will overwrite the defa...