[tpop3d-discuss] Option to chroot() for virtual servers

Chris Lightfoot chris at ex-parrot.com
Mon, 16 Dec 2002 15:12:02 +0000


On Sun, Dec 15, 2002 at 06:48:54PM -0600, Travis Miller wrote:
> My Question:
> Does this seem like a worthwhile advantage to add?

Yes... I'm not 100% sure about the way you've implemented
it, though, for the reasons you raise. I'd be more
inclined to chroot just before calling setuid in
fork_child, using the directory containing the mailbox as
the new root. At this stage it would also be possible to
close all remaining fds (though this would break
logging...). Another, less serious, problem is that
c-client style locking requires access to a shared /tmp.
This isn't likely to be a problem in your configuration.

Dropping root privilege before calling net_loop is
certainly sensible for configurations where all mailspools
are held by one user, and I'll incorporate that in the
next release, when I have some time to work on it (not in
the near future, I'm afraid).

-- 
Murder is always a mistake.... One should never do anything which
one cannot talk about after dinner (Wilde)
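
Added example, not part of the original message and not tpop3d's code: a sketch of the ordering discussed above, where the forked child chroots into the directory containing the mailbox while still root and only then drops privilege. The names `split_mailbox` and `confine_child`, the step codes and the sample path are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE            /* chroot(), setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define BOX_MAX 4096
/* Step at which confinement failed; CONF_OK means jailed and unprivileged. */
enum { CONF_OK, CONF_ARGS, CONF_CHDIR, CONF_CHROOT, CONF_GROUPS, CONF_GID,
       CONF_UID, CONF_STILL_ROOT };

/* "/var/mail/example.org/alice" -> root "/var/mail/example.org", inside "/alice"
 * (constructed sample path). */
int split_mailbox(const char *mailbox, char root[BOX_MAX], char inside[BOX_MAX])
{
    const char *slash = strrchr(mailbox, '/');
    /* Need an absolute path, a parent other than "/", a non-empty last part. */
    if (mailbox[0] != '/' || slash == mailbox || slash[1] == '\0') return -1;
    if (strlen(mailbox) >= BOX_MAX) return -1;
    memcpy(root, mailbox, (size_t)(slash - mailbox));
    root[slash - mailbox] = '\0';
    strcpy(inside, slash);
    return 0;
}

/* Run in the forked child while still root; uid/gid are the mailbox owner's. */
int confine_child(const char *mailbox, uid_t uid, gid_t gid, char inside[BOX_MAX])
{
    char root[BOX_MAX];
    if (uid == 0 || split_mailbox(mailbox, root, inside) != 0) return CONF_ARGS;
    if (chdir(root) != 0) return CONF_CHDIR;         /* enter first: "." is the jail */
    if (chroot(".") != 0) return CONF_CHROOT;        /* needs root: precedes setuid */
    if (chdir("/") != 0) return CONF_CHDIR;          /* no cwd left outside the jail */
    if (setgroups(0, NULL) != 0) return CONF_GROUPS; /* drop supplementary groups */
    if (setgid(gid) != 0) return CONF_GID;           /* group before user */
    if (setuid(uid) != 0) return CONF_UID;
    if (setuid(0) == 0) return CONF_STILL_ROOT;      /* drop must be irreversible */
    return CONF_OK;
}

int main(int argc, char **argv)
{
    char inside[BOX_MAX];
    if (argc != 4) { fprintf(stderr, "usage: %s MAILBOX UID GID\n", argv[0]); return 2; }
    int rc = confine_child(argv[1], (uid_t)atoi(argv[2]), (gid_t)atoi(argv[3]), inside);
    printf("step=%d mailbox-in-jail=%s\n", rc, rc == CONF_OK ? inside : "-");
    return rc;
}
```

Descriptors opened before the call, the log descriptor included, remain usable inside the new root; this sketch does not close them.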