Date: 04 Dec 1998 17:23:59 +0100 From: Simon Josefsson <jas@pdc.kth.se> To: andrew@squiz.co.nz Cc: FreeBSD Security <security@FreeBSD.ORG> Subject: Re: IMAP (was Re: mail.local) Message-ID: <iluk907g9k0.fsf@xiphias.pdc.kth.se> In-Reply-To: Andrew McNaughton's message of "Fri, 4 Dec 1998 19:51:34 %2B1300 (NZDT)" References: <Pine.BSF.4.05.9812041935300.27408-100000@aniwa.sky>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew McNaughton <andrew@squiz.co.nz> writes: > So, does anyone know an IMAP server which can be set up to limit which > areas of the file system are accessible, and preferably that can run of a > passwd file other than the system one? Cyrus IMAPD for instance. There is nothing in the IMAP protocol that says you have to export your file system to the world -- it's just a protocol for transfering messages (basicly). If you configure your IMAP to export everything to the world it will, but you really can't blaim the design of IMAP or the IMAP RFC for that. By default the Cyrus IMAPD store the article in /var/spool/imap (or similar), and there are user configurable ACL's in the protocol (similar to AFS ACL's) restricting access to the mailboxes. The UWash server is designed to export the entire unix file system via IMAP, this is a design choice and if you don't like it, configure it not to or use another IMAP server. /s To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?iluk907g9k0.fsf>