This is not specific to postfix, but I cannot pass this opportunity to remind/inform people that chroot is itself a potential source of security vulnerabilities:
Please enjoy studying this beautiful local privilege escalation bug in FreeBSD's ftpd, which was enabled by a chroot jail: https://www.zerodayinitiative.com/blog/2020/12/21/cve-2020-7468-turning-imprisonment-to-advantage-in-the-freebsd-ftpd-chroot-jail

On 2022-12-13 00:17, Wietse Venema wrote:
> The chroot feature makes post-exploitation of bugs (in Postfix, libraries, etc.) more difficult, because there are fewer things that an attacker can play with. For example, no set-uid root programs, no files in /proc, and no file system races against privileged programs.
>
> One could argue that containers provide a minimized environment, but that is not necessarily the case. The ones that do minimize sometimes come with crippled libc implementations that introduce problems of their own.
>
> By the way, it is rude to post html-only email to a mailing list.
>
> Wietse
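An added example, not part of either message above and not Postfix's own tooling: a POSIX shell audit that checks a chroot directory for the three things Wietse lists as absent from a good jail (set-uid/set-gid binaries, a procfs inside the jail, and world-writable directories that invite file-system races). The function names and the sample jail layout are constructed; the Postfix default path in the usage comment is an assumption taken from the `queue_directory` default.

```shell
#!/bin/sh
# chroot audit: flags the things the message above says a minimal jail
# should not contain. Constructed example; not Postfix's own tooling.
#   1. set-uid / set-gid files (privilege boundaries inside the jail)
#   2. a procfs mounted inside the jail (exposes process state via /proc)
#   3. world-writable directories without the sticky bit (classic
#      file-system race targets for anything privileged that uses the jail)

# List set-uid / set-gid regular files under the jail, one path per line.
jail_setuid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# List world-writable directories that lack the sticky bit.
jail_race_prone_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Succeed (exit 0) when a procfs is mounted at <jail>/proc.
# <jail>/proc/self only exists when procfs is actually mounted there.
jail_has_proc() {
    [ -d "$1/proc/self" ]
}

# Run every check. Prints one finding per line on stdout and returns 1 if
# anything was found, 0 if the jail is clean, 2 if the path is not a directory.
audit_chroot() {
    jail="$1"
    if [ ! -d "$jail" ]; then
        echo "no such directory: $jail" >&2
        return 2
    fi
    findings=$( {
        jail_setuid_files "$jail"    | sed 's|^|setuid/setgid binary: |'
        jail_race_prone_dirs "$jail" | sed 's|^|world-writable dir without sticky bit: |'
        if jail_has_proc "$jail"; then echo "procfs mounted at $jail/proc"; fi
    } )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    echo "clean: $jail"
    return 0
}

# Usage: sh audit_chroot.sh /var/spool/postfix
# (/var/spool/postfix is Postfix's default queue_directory; assumption,
# adjust to the value configured on the system being checked)
if [ $# -gt 0 ]; then
    audit_chroot "$1"
fi
```

Run it from cron or a configuration-management check; a non-zero exit means the jail has drifted from the minimal layout the quoted message relies on, and the printed lines name the offending paths.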