How to Configure Qmail on Fedora Core 1 Server
Fritz Whittington
f.whittington at att.net
Wed Jul 28 04:51:23 UTC 2004
On or about 2004-07-27 20:48, Jeff Vian whipped out a trusty #2 pencil
and scribbled:
>On Tue, 2004-07-27 at 13:54, Craig White wrote:
>
>
>>On Tue, 2004-07-27 at 11:15, Fritz Whittington wrote:
>>
>>
>>>*Mail read with Mozilla on a Windows machine from a POP3 server doesn't
>>>have root's privileges either!*
>>>(And yes, you can do anything in vi that you might want to do in emacs,
>>>so let's just ship *one* editor with the system and force everyone to do
>>>it *that* way, just because! OK with you? I thought not.) Of course,
>>>I guess I could set up the foo alias and then read foo's mail with
>>>Mozilla on a Windows machine from a POP3 server. Can you prove that to
>>>be even a tiny bit more secure?
>>>
>>>
>>---
>>
>>
>
>MUCH more secure, since the user foo would not have root privileges. If
>that account is cracked they still are restricted on privileges. If the
>root account is cracked all bets are off.
>
>Pop3 and imap protocols pass user name and password in plain text when
>logging in.
>
>The issue is not the privileges of the mail client but the security of
>the accounts when using plain text to log in and the possible privileges
>when logging in to those accounts if someone gains access by obtaining
>the password.
>
>
>
>>that isn't the point though. If root can retrieve email from his account
>>- be it local or remote is the issue. You are differentiating a system
>>that doesn't differentiate. Restricting root's access locally would
>>require something like hosts.allow/deny or iptables, both of which are
>>beyond the safeguards of dovecot or whichever pop/imap daemon you
>>employ.
>>
>>Proving that accessing mail from account foo or account root via POP3
>>remotely is inherently more secure is not relevant.
>>
>>
>>
>
>The security issue with reading mail as root via pop3 or imap is the
>password. With these clients the password/username is passed in plain
>text and for security that is not acceptable as root.
>
>
>

Not true for the pop3s and imaps versions.

>Sniffers to read plain text from the network are common.
>

Perhaps you have not read all the previous postings carefully. A
sniffer that could read anything off of the 2-foot long patch cords that
connect my Linux and Windows boxes to the LAN switch would be uncommon
indeed. Anyone who could install such a thing could much more easily
re-boot my Linux in single-user mode and do whatever he wished, since he
would have to break into my house to do either of those.

It's not that I don't believe in taking security measures, but that they
should be appropriate to the circumstances. I don't run to the bank
every night to put my Bic ball-point pens in the safety-deposit box
until the next morning.
--
Fritz Whittington
Let the fear of danger be a spur to prevent it; he that fears not, gives advantage to the danger. (Francis Quarles)