Searching courier maildrop install I saw this: When using the standalone maildrop build with courier-authlib, one of the following configurations must be used:
* Your mail server must invoke maildrop as the root user (the -d flag reads the mail account's uid and gid, then drops root) . * Manually change the permissions on the maildrop binary to be setuid root. * Manually change the permissions on the courier-authlib's socket directory (/usr/local/var/spool/authdaemon by default) to be globally readable or executable. The default permissions on courier-authlib's socket directory blocks world-access to the filesystem socket connected to courier-authlib's authentication daemon process. In order for maildrop to connect to the authentication library, maildrop must either have root privileges (which will be temporary, as soon as maildrop determines the account's userid and groupid, it will drop root, before reading the maildroprc file), or courier-authlib's socket directory must have world read and execute permission. Note that if the permissions on the socket directory are changed, anyone on the system can connect and obtain any account's password! It is the system administrator's responsibility to choose the appropriate security policy when using the Courier Authentication Library. Also I saw it must be a list of trusted user to do this?? -- maildrop missing maildir path in authldaprc https://bugs.launchpad.net/bugs/121907 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
