Can't authorize via postfix
Scott Russell
lnxgeek at us.ibm.com
Mon Sep 30 08:52:46 EDT 2002
On Mon, Sep 30, 2002 at 09:04:40AM -0300, Henrique de Moraes Holschuh wrote:
> On Sun, 29 Sep 2002, Galen Johnson wrote:
> > Actually, I was wondering when the Debian chroot of postfix would rear
> > it's ugly head. There is really no reason to chroot postfix. Just edit
>
> Of course there is: Security. Watch as I try to find a way to chroot Cyrus
> as well...
>
> (it should actually be quite doable, master can run outside the chroot, and
> services can be selectively chrooted by master when started -- it depends on
> how much information from outside the chroot the services would need...)
Postfix I run chrooted, especially on boxes where user accounts exist.
I don't know if I would bother running Cyrus in chroot since it's a
closed box application anyway.
Sure, in theory chroot is 'more secure' regardless but often there is
a trade off between security and connivance. I can seriously increase
the security on any box I own by unplugging it from the network, but
that wouldn't be very convenient for me, or the users. :)
--
Scott Russell (lnxgeek at us.ibm.com)
Linux Technology Center, System Admin, RHCE.
Dial 877-735-8200 then ask for 919-543-9289 (TTY)
More information about the Info-cyrus
mailing list