dovecot-1.2.7 If /var/run/dovecot does not exist when dovecot starts up (e.g. required when /var/run is a tmpfs/ramfs), it creates it. But it creates it with the wrong file mode -- the directory is mode 777. Being world writable means any user could change the name of any file within the directory, including the login directory, and then create their own new login directory. Or remove the pid file, or perhaps cause other types of havoc.
Comments? -frank
