Viktor Dukhovni:
> On Sun, Jan 30, 2022 at 12:14:30PM -0500, Wietse Venema wrote:
>
> > Perhaps the time has come to get away from giving non-Postfix
> > programs access to a directory with Postfix internal sockets.
> >
> > We could redesign the master.cf 'private' field, so that for
> > UNIX-domain sockets:
> >
> > master.cf directory mode
> > y private 0700 (no change)
> > n protected 0710 (was: public)
> > x public local policy
> >
> > Postfix sockets are moved from the 'public' to the 'protected'
> > directory, and the 'public' directory no longer contains any Postfix
> > sockets.
> >
> > Then we can remove the 'public' directory from /etc/postfix/postfix-files,
> > and leave the dirctory owner/group and permissions up to local
> > policy. Each application can have its own subdirectory under 'public'
> > with permissions that allow access to only that app and postfix.
> >
> > With inet sockets, 'y' and 'n' behave as before, and 'x' behaves
> > like 'n'.
>
> Seems mostly reasonable for Postfix 3.8. The "dovecot" auth socket is
> typically in "public" IIRC. It would probably now be "protected", and I
Why? Why force third-party code to change pathnames?
Wietse
