How to Configure Qmail on Fedora Core 1 Server

Fritz Whittington f.whittington at att.net
Wed Jul 28 04:51:23 UTC 2004 

On or about 2004-07-27 20:48, Jeff Vian whipped out a trusty #2 pencil 
and scribbled:

>On Tue, 2004-07-27 at 13:54, Craig White wrote:
>  
>
>>On Tue, 2004-07-27 at 11:15, Fritz Whittington wrote:
>>    
>>
>>>*Mail read with Mozilla on a Windows machine from a POP3 server doesn't 
>>>have root's privileges either!*
>>>(And yes, you can do anything in vi that you might want to do in emacs, 
>>>so let's just ship *one* editor with the system and force everyone to do 
>>>it *that* way, just because!  OK with you?  I thought not.)  Of course, 
>>>I guess I could set up the foo alias and then read foo's mail with 
>>>Mozilla on a Windows machine from a POP3 server.  Can you prove that to 
>>>be even a tiny bit more secure?
>>>      
>>>
>>---
>>    
>>
>
>MUCH more secure, since the user foo would not have root privledges.  If
>that account is cracked they still are restricted on privileges.  If the
>root account is cracked all bets are off.
>
>Pop3 and imap protocols pass user name and password in plain text when
>logging in.
>
>The issue is not the privileges of the mail client but the security of
>the accounts when using plain text to log in and the possible privileges
>when logging in to those accounts if someone gains access by obtaining
>the password. 
>
>  
>
>>that isn't the point though. If root can retrieve email from his account
>>- be it local or remote is the issue. You are differentiating a system
>>that doesn't differentiate. Restricting root's access locally would
>>require something like hosts.allow/deny or iptables, both of which is
>>beyond the safeguards of dovecot or whichever pop/imap daemon you
>>employ.
>>
>>Proving that accessing mail from account foo or account root via POP3
>>remotely is inherently more secure is not relevant.
>>
>>    
>>
>
>The security issue with reading mail as root via pop3 or imap is the
>password.  With these clients the password/username is passed in plain
>text and for security that is not acceptable as root.
>
>  
>
Not true for the pop3s and imaps versions.

>Sniffers to read plain text from the network are common.
>  
>
Perhaps you have not read all the previous postings carefully.  A 
sniffer that could read anything off of the 2-foot long patch cords that 
connect my Linux and Windows boxes to the LAN switch would be uncommon 
indeed.  Anyone who could install such a thing could much more easily 
re-boot my Linux in single-user mode and do whatever he wished, since he 
would have to break into my house to do either of those.

It's not that I don't believe in taking security measures, but that they 
should be appropriate to the circumstances.  I don't run to the bank 
every night to put my Bic ball-point pens in the safety-deposit box 
until the next morning.


-- 
Fritz Whittington
Let the fear of danger be a spur to prevent it; he that fears not, gives advantage to the danger. (Francis Quarles)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3252 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040727/a33af6ac/attachment-0002.bin

More information about the users mailing list