How to run IMAP as non-root, port 1024
I would like to build UW-IMAP to run as myself on a high port. The reasoning being that I have a regular user account on a remote box that doesn't run POP or IMAP. All mail access is by SSHing in and running the mail client locally. Sometimes I'm on a box that doesn't run an SSH client so I'd like to setup IMAP and then use SquirrelMail to access the IMAP server locally and then I can check my mail with a web browser from anywhere. I tried changing the listening port from 143 to 1143 and then compiling, but it appears more complicated than that as it wants to run under inetd and to write temp files to dirs owned by root, etc. Any suggestions on how I would accomplish this? Thank you, ~Matt -- -- For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html --
Re: How to run IMAP as non-root, port 1024
On Sun, 24 Aug 2003, Mark Crispin wrote: If you run the IMAP server logged in as a non-root user, it will be preauthenticated as that user. This has two consequences: 1) it can not log in as any other user 2) there is no login or other security step; the client can immediately do arbitrary access to the user's mail. Actually, it looks like a relatively simple hack to change the if (uid ==0) to a different uid and skip the setuid bits, but that would be very silly. Bottom line is that UW imapd is 1) the reference implementation by the dudes who invented IMAP, so you can be pretty sure it's correct, and 2) designed to work pretty much as you'd expect with normal unix users following the normal unix security model with normal mail delivery with a default installation of sendmail, or something that acts like it, on a normal unix box. There's a bit more to it -- there's mbx format, which is very nice for speed and multiple access -- but if what you want is *NOT* normal unix users on a normal unix box running a default installation of sendmail or something similar, then you should probably be looking at the Cyrus imapd, which was designed from the start to run on sealed servers, not normal UNIX boxes running a more or less normal mail installation. -- Rich Graves [EMAIL PROTECTED] UNet Systems Administrator
Re: How to run IMAP as non-root, port 1024
For someone who is contemplating customization code to suit themselves, I would suggest that they are better off looking at the UW-IMAP code than at the Cyrus code. I speak from experence. Rich Graves wrote: but if what you want is *NOT* normal unix users on a normal unix box running a default installation of sendmail or something similar, then you should probably be looking at the Cyrus imapd, which was designed from the start to run on sealed servers, not normal UNIX boxes running a more or less normal mail installation.
