Root Privileges and Local Delivery Security

Popularity:

5

Simplicity:

5

Impact:

10

Risk Rating:

7

As with any software, carefully evaluate how permissions and privileges are used in your email flow. The reason why most mail daemons need to run as privileged users or have the setuid bit is always related to local delivery.

In theory, an email gateway that doesn't need to perform local delivery can safely run as non-root by dropping privileges as soon as the necessary sockets are bound. Some mail servers allow you to customize their environment (like Sendmail) whereas others can only be executed as the author originally designed them (like Postfix).

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment