Root Privileges
2019-09-20 - hschneider, Admin
Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.
|
| XMail Forum · Newbies read here ! All about SMTP,MX-Records,DNS etc. |
 Help
 Search
 Members
 Calendar
|
| Welcome Guest ( Log In | Register ) | Resend Validation Email |
Root Privileges| akbsol |
Posted: Jan 24 2010, 06:51 AM
|
|
Newbie  Group: Members Posts: 23 Member No.: 2703 Joined: 10-November 07  |
Hi,
Why XMail doesn't have the feature to drop root privileges after binding to ports like many other popular daemons have? -Akash |
 
|
| Sob |
Posted: Jan 24 2010, 04:28 PM
|
|
Member Group: Members Posts: 53 Member No.: 2881 Joined: 19-April 08 |
You can run non-root XMail if you want.
There's an old approach using high port numbers and redirecting the proper ports to them using iptables. I don't really like it and it doesn't work with IPv6, because there's no REDIRECT target in ip6tables (at least wasn't when I last checked). If you use Linux, you can use capabilities to run XMail as unpriviliged user and still allow it to bind to lower ports. Look for commands like sucap and execcap. Although Linux kernel has this functionality for years, you need quite recent 2.6 kernel to actually use it with mentioned command line tools. |
|
|
| akbsol |
Posted: Jan 27 2010, 07:19 PM
|
|
Newbie Group: Members Posts: 23 Member No.: 2703 Joined: 10-November 07 |
I have already gone through those no not so nice ways to run non-root Xmail. What I am failing to understand is that why the developer hasn't still implemented simple setuid & setgid calls within the program itself.
-Regards, Akash |
|
|
