[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: does fedora have anything requiring :mail rw access?



On Fri, Oct 09, 2009 at 03:31:45PM +0200, Michal Hlavinka wrote:
> I've got quite simple question from dovecot's upstream: Why do we have rw 
> access on mails for mail group?

There are two popular models for MTA/MDAs. Run as root and drop
priviledges to the receiving user or run under another uid/gid (like
using gid mail) which then needs write access to all mailboxes.

So depending on the security model of the MTAs you use you may or may
not need the mail group being able to write into your mailboxes.

I wouldn't change it, because if you don't seem to need it then no
process is obviously running as gid mail. And in case you do switch to
another MTA/MDA with a different security model you will not be
surpised by mails not being delivered.
-- 
Axel.Thimm at ATrpms.net

Attachment: pgp8EpNs1p2xR.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]