On Fri, 2008-05-30 at 15:49 +0200, Dan Horák wrote: > Hi, > > I have gone through the patches that are used in the Fedora package and > probably only the "mkcert-permissions" [1] can be considered to be > included upstream. It is dated into package version 1.0-0.beta2.3, but I > cannot find any particular reason for the inclusion (like a bug in > bugzilla, etc.).
Certificate file is public data, so chmoding it to 0600 doesn't really do any good. As for chowning the files to root:root, that's probably good if you use the script to generate certificates automatically, but I don't think the script should always do that since it may be run as non-root. > Some (winbind support, quota warnings) were obsoleted > by dovecot 1.1, two are used for distro specific settings. So the only > real patch that remains is the "pam_setcred" [2] patch that fixes > https://bugzilla.redhat.com/show_bug.cgi?id=146198 Unnecessary (with v1.0 too). pam_setcred() is called only if setcred=yes is added to pam args.
signature.asc
Description: This is a digitally signed message part
