Hi,
I'm in the process of upgrading from dovecot v1.1 to dovecot 2. We fetch
uid/gid user information from a database and also use post-login
scripting with mail_drop_priv_before_exec = yes which means the
postlogin script is executed with the permissions of the user we have
found in the database.
According to the dovecot2 wiki page, to get this behaviour in version 2
we have to set the post-login script to run as root and then su to the
user. This seems a bit of a strange (and insecure as you might forget)
way of doing this. Are there any other options, such as fetching a
certain column name from the database to set the value of service
imap-postlogin { user } or setting something like user = $user in the
configuration? (or is the configuration only read at startup so such
dynamic configuration can't be done in the service section?)
Cheers,
Mark
- [Dovecot] Post-login scripting with mail_drop_priv_before_ex... Mark Zealey
-
