Leonardo Vilela Pinheiro wrote:
As I can seen, there is the bind-chroot glue package, but is there a
postfix-chroot.rpm glue ? I have looked for it, but I think there is not.
If there is not, what is your opinion about creating one ?
not worth it. There has been no security issue with postfix itself since
its 2.0 version and only one issue in an older version.
Any security problems will come from external libraries such as
cyrus-sasl/openssl and so making postfix chroot really means making a
whole lot more chrooted if you plan to use these. From the master.cf file.
# Chroot: whether or not the service runs chrooted to the mail queue
# directory (pathname is controlled by the queue_directory configuration
# variable in the main.cf file). Presently, all Postfix daemons can run
# chrooted, except for the pipe, virtual and local delivery daemons.
# The proxymap server can run chrooted, but doing so defeats most of
# the purpose of having that service in the first place.
# The files in the examples/chroot-setup subdirectory describe how
# to set up a Postfix chroot environment for your type of machine.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
