global admin without defaultdomain?
Kendrick Vargas
ken at hudat.com
Mon Dec 29 11:27:41 EST 2003
On Mon, 29 Dec 2003, Christian Schulte wrote:
> Since you enabled virtdomains why do you still want unqualified logins
> if not due to upgrading reasons from an old installation with unqualified
> logins? This all only has to do with unqualified logins which I do not
> want/need except for the global admin. If someone plans on changing the
> behaviour with the global admin and defaultdomain I would really like to
> keep the ability to not let a global admin in if not connecting to
> localhost and of course there should be a note about the change so that
> next time updating cyrus I do not open up a security hole I spent hours
> to prove that it's greatly closed and safe :-)

Well, that's basically it. I want a global admin, so I need to have a
defaultdomain set, which means the allowance of unqualified logins. As for
only being able to log in via localhost to your global admin account,
it's a bug whether you like it or not :-) Relying on a bug to maintain
your security is really bad security. The only time I feel secure in my
setups is when I know everything is working as it should, otherwise there's
always that bit of doubt about things always working right.

Besides, it's not like you couldn't replicate that sort of behavior
further down the road. You could always set up a specific IMAP instance to
watch over localhost which uses a different configuration file which has
the global admin settings. Then modify the other configuration file to get
rid of the global admin privileges. That way the system WILL ALWAYS do
what you've now grown used to and you won't have to worry about it being
fixed in the future. Actually, maybe there's another good config option
for security, "globaladmininterfaces" which says which interfaces or IPs
a global admin can log in as.

My need for a global admin is for my administrative web interface. I can
set up my scripts to use one login on the backend and not have to worry
about setting up specific user addresses in each domain for
administration which pretty much makes them useless for actual mail
receipt.

-peace
--
Let he who is without clue kiss my ass
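
The two-instance layout suggested in the message above, written out as an added configuration sketch; it is not part of the original post or taken from the Cyrus distribution. The file paths, the service name `imapadmin`, port 1143, the domain `example.com` and the admin name `cyrus` are assumptions chosen for illustration.

```conf
# ---- /etc/cyrus.conf (SERVICES section only; path assumed) ----
SERVICES {
  # Public listener: reads the default imapd.conf, which defines no
  # global admin, so no login on this listener gets global admin rights.
  imap       cmd="imapd" listen="imap" prefork=0

  # Admin listener: bound to loopback only and started with -C so it
  # reads a separate config file. Port 1143 is an arbitrary choice that
  # avoids clashing with the public listener on the standard IMAP port.
  imapadmin  cmd="imapd -C /etc/imapd-admin.conf" listen="127.0.0.1:1143" prefork=0
}

# ---- /etc/imapd.conf (public instance; path assumed) ----
configdirectory: /var/imap
partition-default: /var/spool/imap
virtdomains: on
# Deliberately no "admins:" line here: global admin privileges are
# removed from the instance that is reachable from the network.

# ---- /etc/imapd-admin.conf (loopback instance; path assumed) ----
# Same mail store as the public instance, different privilege settings.
configdirectory: /var/imap
partition-default: /var/spool/imap
virtdomains: on
# The message states that a global admin requires defaultdomain to be set.
defaultdomain: example.com
admins: cyrus
```

With this split, the localhost-only restriction comes from the listener's bind address rather than from how unqualified logins happen to be resolved, so a backend script on the same host connects to 127.0.0.1:1143 for administration.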