does fedora have anything requiring :mail rw access?
Axel Thimm
Axel.Thimm at ATrpms.net
Sun Nov 8 16:37:34 UTC 2009
On Fri, Oct 09, 2009 at 03:31:45PM +0200, Michal Hlavinka wrote:
> I've got quite simple question from dovecot's upstream: Why do we have rw
> access on mails for mail group?
There are two popular models for MTA/MDAs. Run as root and drop
priviledges to the receiving user or run under another uid/gid (like
using gid mail) which then needs write access to all mailboxes.
So depending on the security model of the MTAs you use you may or may
not need the mail group being able to write into your mailboxes.
I wouldn't change it, because if you don't seem to need it then no
process is obviously running as gid mail. And in case you do switch to
another MTA/MDA with a different security model you will not be
surpised by mails not being delivered.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091108/258257af/attachment.sig>
More information about the fedora-devel-list
mailing list