However, when we have a postfix server on the same machine that delegates 
authentication to dovecot SASL ... we can indeed log in as root on the postfix 
server.


You are not logging into Dovecot with root, you are connecting to Postfix for 
submission.

When you connect to Dovecot using Linux users (PAM), the running process takes 
on the UID of the login user so that it has the file permissions to read that 
user's home directory, where email could be stored. The risk is that if someone 
had root (UID 0), they could read anything on the server, not just the home 
directory of a user.

But you aren't logging into Dovecot, you are connecting to Postfix. You aren't 
checking mail or reading directories. You are only submitting an email through 
Postfix's submission service. Postfix runs as its own Postfix UID no matter 
who you authenticate as. So even though you are authenticating yourself with 
root credentials, you aren't doing so as the root UID, you aren't reading 
email, and you aren't accessing any file systems the way Dovecot would be.
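For readers who want to see the setup the two messages above are arguing about, here is the Postfix-to-Dovecot SASL wiring in configuration form, with the UID points marked. This is an added example, not configuration posted by either participant; the socket path, the deny-list file name and the 1000 UID threshold are assumptions and should be adjusted to the local install.

```conf
# --- Postfix: /etc/postfix/main.cf (added example, not from the thread) ---
# Hand AUTH off to Dovecot over a unix socket. Postfix's smtpd keeps running
# as the "postfix" UID regardless of which account authenticates; Dovecot only
# answers "accepted/rejected" plus the authenticated username.
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth        # relative to queue_directory (/var/spool/postfix)
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes             # do not accept AUTH PLAIN/LOGIN on a cleartext session

# --- Postfix: /etc/postfix/master.cf, submission (587) listener ---
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

# --- Dovecot: /etc/dovecot/conf.d/10-master.conf ---
service auth {
  # Socket the postfix-UID smtpd connects to. Only passdb is consulted for
  # this SASL request; no mail process and no UID switch happens here.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}

# --- Dovecot: /etc/dovecot/conf.d/10-auth.conf ---
# Optional hardening the thread does not discuss (assumed file name): a deny
# passdb is checked before PAM, so listing "root" (one username per line in
# /etc/dovecot/deny-users) rejects that account for IMAP/POP3 *and* for the
# Postfix submission AUTH, since both go through this passdb chain.
passdb {
  driver = passwd-file
  deny = yes
  args = /etc/dovecot/deny-users
}
passdb {
  driver = pam                        # system accounts, as in the thread
}
userdb {
  driver = passwd                     # supplies the UID/home the mail process switches to
}

# --- Dovecot: /etc/dovecot/conf.d/10-mail.conf ---
# Dovecot refuses to start a mail process for any UID below this, which is
# what stops a root IMAP login even with a valid password. It is a userdb-side
# sanity check on the mail process, not part of the SASL yes/no that Postfix
# gets back, which is why the deny passdb above is the layer that covers
# submission as well.
first_valid_uid = 1000
```

To confirm the split on a live box, `postconf -n smtpd_sasl_type smtpd_sasl_path` and `doveconf -n service/auth` show the wiring, `ps -o user= -C smtpd` should print only `postfix` even during an authenticated submission, and `ps -o user=,comm= -C imap` shows Dovecot's mail processes running as the logged-in users rather than as root.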
