On Oct 11, 2009, at 8:49 AM, Nicolas François wrote:
When an user is created, useradd creates a /var/mail/$USER mailbox
with
the mode 0660 (owned by $USER:mail).
I heard this causes some issues for dovecot, and a solution could
be to
move to mode 0600.
IIRC, it was a problem for the support of shared mailboxes.
Index files are created whose permissions mimic the mailbox'
permissions.
The 'mail' group ownership would require dovecot to be in the mail
group.
I assume that this could be solved internally by dovecot, but it
would be
easier (and safer) to move to a 0600 policy.
Correct. There's no reason for mailboxes to be 0660 in most systems,
they'll only make it easier to exploit some security hole read
everyone's mail. So although Dovecot could work around this issue,
I've always just instructed people to do chmod 0600 /var/mail/* as a
way to solve it.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
