Date: Fri, 4 Dec 1998 19:34:53 +0200 (EET) From: Narvi <narvi@haldjas.folklore.ee> To: Simon Josefsson <jas@pdc.kth.se> Cc: andrew@squiz.co.nz, FreeBSD Security <security@FreeBSD.ORG> Subject: Re: IMAP (was Re: mail.local) Message-ID: <Pine.BSF.3.96.981204193358.21183A-100000@haldjas.folklore.ee> In-Reply-To: <iluk907g9k0.fsf@xiphias.pdc.kth.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4 Dec 1998, Simon Josefsson wrote: > Andrew McNaughton <andrew@squiz.co.nz> writes: > > > So, does anyone know an IMAP server which can be set up to limit which > > areas of the file system are accessible, and preferably that can run of a > > passwd file other than the system one? > > Cyrus IMAPD for instance. There is nothing in the IMAP protocol that > says you have to export your file system to the world -- it's just a > protocol for transfering messages (basicly). > > If you configure your IMAP to export everything to the world it will, > but you really can't blaim the design of IMAP or the IMAP RFC for > that. > > By default the Cyrus IMAPD store the article in /var/spool/imap (or > similar), and there are user configurable ACL's in the protocol > (similar to AFS ACL's) restricting access to the mailboxes. > > The UWash server is designed to export the entire unix file system via > IMAP, this is a design choice and if you don't like it, configure it > not to or use another IMAP server. > > /s > Shouldn't the FreeBSD port "by-default" configure it in a secure way, that is, the file system import disabled? Sander There is no love, no good, no happiness and no future - all these are just illusions. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981204193358.21183A-100000>