From owner-freebsd-security Fri Dec 4 08:24:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA19054 for freebsd-security-outgoing; Fri, 4 Dec 1998 08:24:37 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from xiphias.pdc.kth.se (xiphias.pdc.kth.se [130.237.221.226]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA19049 for ; Fri, 4 Dec 1998 08:24:34 -0800 (PST) (envelope-from jas@pdc.kth.se) Received: (from jas@localhost) by xiphias.pdc.kth.se (8.8.5/8.8.5) id RAA14631; Fri, 4 Dec 1998 17:24:01 +0100 (MET) To: andrew@squiz.co.nz Cc: FreeBSD Security Subject: Re: IMAP (was Re: mail.local) References: From: Simon Josefsson In-Reply-To: Andrew McNaughton's message of "Fri, 4 Dec 1998 19:51:34 +1300 (NZDT)" Mime-Version: 1.0 Date: 04 Dec 1998 17:23:59 +0100 Message-ID: Lines: 23 User-Agent: Gnus/5.070061 (Pterodactyl Gnus v0.61) XEmacs/21.0 (Poitou) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andrew McNaughton writes: > So, does anyone know an IMAP server which can be set up to limit which > areas of the file system are accessible, and preferably that can run of a > passwd file other than the system one? Cyrus IMAPD for instance. There is nothing in the IMAP protocol that says you have to export your file system to the world -- it's just a protocol for transfering messages (basicly). If you configure your IMAP to export everything to the world it will, but you really can't blaim the design of IMAP or the IMAP RFC for that. By default the Cyrus IMAPD store the article in /var/spool/imap (or similar), and there are user configurable ACL's in the protocol (similar to AFS ACL's) restricting access to the mailboxes. The UWash server is designed to export the entire unix file system via IMAP, this is a design choice and if you don't like it, configure it not to or use another IMAP server. /s To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message