Recently, I tried to compile postfix using Bruce's libsyncdir
(http://www.untroubled.org/syncdir/). I need to change maildrop
directory mode to 770 (and also 755 for public, which I don't
clearly understand, yet). Is there any security issues with
this?

Look's ok so far. I send 1000 messages using smtp-source,
and press reset button as soon as smtp-source finished.
I still got those 1000 messages. From strace output,
looks like the directory operations be done 'synchronously'
(at least it works as already proposed by Linus, as I remember
correctly):
...
setgroups(1, [500]) = 0
setresuid(ruid 4294967295, euid 500, suid 4294967295) = 0
open("/home/adi/Maildir/tmp/1012567381.7926_1.home.org", O_WRONLY|O_CREAT|O_EXCL, 0600) = 10
open("/home/adi/Maildir/tmp", O_RDONLY) = 11
fsync(11) = 0
close(11) = 0
lseek(10, 0, SEEK_END) = 0
read(9, "N6Received: by postfix.home.org "..., 4096) = 306
write(10, "Return-Path: <roothome.org>\nDel"..., 332) = 332
fsync(10) = 0
close(10) = 0
link("/home/adi/Maildir/tmp/1012567381.7926_1.home.org", "/home/adi/Maildir/new/1012567381.7926_1.home.org") = 0
open("/home/adi/Maildir/new", O_RDONLY) = 10
fsync(10) = 0
close(10) = 0
unlink("/home/adi/Maildir/tmp/1012567381.7926_1.home.org") = 0
open("/home/adi/Maildir/tmp", O_RDONLY) = 10
fsync(10) = 0
close(10) = 0
...
Is it really a worth of effort? Is it would perfom better than
chattr +S? As I realize that doing chattr +S to maildir directory
is necessary: I do simple experiments using smtp-source as above,
and always only got 999 mails consistently.

Regards,

P.Y. Adi Prasaja
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]