On Mon, Feb 07, 2011 at 05:49:38PM +0100, Stefan Foerster wrote:
> * Mark Alan <[email protected]>:
> > On Sun, 6 Feb 2011 22:22:52 +0100, Patrick Ben Koetter
> > <[email protected]> wrote:
> >
> > > If there are "significant differences that are not Debian
> > > related" Stefan certainly has had reasons to add them.
> >
> > That's certainly a way to view things and I respect your opinion.
> >
> > But it is hard to see the rationale in, for instance:
Was it hard to understand that chroot was disabled? If so, Mark,
perhaps you should invest a bit more time in the Postfix
documentation.
> [chroot disabled]
This is the default as shipped by Wietse, who recommends against
distributors changing that default. IIUC the reason for that is
twofold:
1. The chroot is not necessary. It only adds a small tactical
advantage in case an attacker manages to gain control of a
Postfix process. AFAIR such an exploit against Postfix has
has never been known.
2. The chroot is hard to support. Everything that any Postfix
process will need must be present in the chroot.
The choice to chroot should be made by an experienced system
administrator, one who is experienced enough to understand what
chroot means, and how to set one up, and how to troubleshoot issues
which arise when it's incomplete or wrong.
> Well, that's really #postfix's fault (referring to the freenode
> IRC channel): A lot of people come there and are looking for help
> when trying to setup mysql maps.
Only one of many chroot problems we see. If someone was keeping
statistics, it wouldn't surprise me if Debian[1] chroot problems were
the greatest single cause of questions there (and possibly here as
well.) Why should an upstream project have to support the unwise
decisions of downstream packagers?
[1] Ubuntu included in this context.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
