varad gupta:
> Hi
>
> A colleague asked me a question to which I had not given much thought before.
>
> We all know that most postfix daemons/services run as unpriviliged
> users (apart from local and virtual) but the master daemon runs with
> root privileges?
>
> Is it not a risk running master as root (the same reason for running
> other processes as unprivileged) ?
>
> output of ps and lsof commands on my system are attached below :
>
> [root@vbg postfix]# ps -ef | grep master
> root 2237 1 0 16:29 ? 00:00:00 /usr/libexec/postfix/master
>
> [root@vbg postfix]# lsof -i tcp:25
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
> master 2237 root 12u IPv4 15503 0t0 TCP
> localhost.localdomain:smtp (LISTEN)
All Postfix daemons are created as a root-privileged process. Root
privilege is needed during process initialization, to drop privileges,
while shutting down Postfix, to impersonate a recipient, or to
invoke a non-Postfix program without giving it postfix privileges.
Examples of such system calls are: bind, chroot, set(e)uid,
set(e)gid, (f)chown, kill.
Wietse
