Tomasz Pala via Postfix-users:
> On 2024-12-19 17:53, Wietse Venema via Postfix-users wrote:
> >
> > **HOWEVER** when Postfix runs a non-Postfix code on behalf of a
> > user (example: a command in a .forward file) THEN IT WOULD BE A
> > REAL WTF if that command has different rights than the user. If
> > the command CAN do something that the user CANNOT do, then that is
>
> This is a good example of things done well in postfix, that might get
> unnoticed or not understood by system administrator.
>
> In case of some hosting-only accounts the user might be not allowed to
> run any commands, by having no shell, "disable_functions =
> exec,shell_exec,system,..." in php.ini etc. But it's easy to overlook
> execution by local(8), which is not a subject of /etc/shells or any PAM
> checks AFAIK.
This is not the privilege escalation or loss that I had in mind. If you
don't want some user to have .forward files, edit main.cf:forward_path
and use pathnames that depend on $user instead of $home.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
