David Woodhouse <dwmw2 <at> infradead.org> writes: > Oh, sorry -- I missed that. Yes, of course we ship with it suid root. It > normally drops privileges almost immediately, but for local deliveries > it needs to keep them. OK, thanks for that explanation. I see there is a lot of MTA discussion out there on the net, especially about security architectures of various different MTAs, but it all appears to boil down to "local delivery == root at some point". Whether non-monolithic architecture of Postfix is better overall in terms of security appears to be a very contentious issue, but it doesn't seem to impact local delivery (i.e. this is still root at many points). -- Bojan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
