I see that the IMAP server allows access to arbitary files on the system, including /etc/passwd! How do I disable this?
You should not worry about this if your IMAP users are allowed shell access. The IMAP server does not permit any access that the user can not have via the shell. If, and only if, you deny your IMAP users shell access, you may want to consider one of three choices. Note that these choices reduce IMAP functionality, and may have undesirable side effects. Each of these choices involves an edit to file src/osdep/unix/env_unix.c The first (and recommended) choice is to set restrictBox as described in file CONFIG. This will disable access to the filesystem root, to other users’ home directory, and to superior directory. The second (and strongly NOT recommended) choice is to set closedBox as described in file CONFIG. This puts each IMAP session into a so-called “chroot jail”, and thus setting this option is extremely dangerous; it can make your system much less secure and open to root compromise attacks. So do not use this option unless you are absolutely certain that you understand all the i
Related Questions
- How could a user of my BBS (E-mail system, FTP server etc.) extract files from RAR archives while RAR is shareware and one must register after a 40 day evaluation period?
- I see that the IMAP server allows access to arbitary files on the system, including /etc/passwd! How do I disable this?
- Can I enable/disable a system capability without modifying /etc/lids/lids.cap and reloading the configuration files?
