[limits]
 
Trace: » logging » 2.3 » 2.2 » mapi » sysv » sieve » start » groups » limits

Limiting Damage

DBMail should make every effort to limit damage, including:

  • Setting memory, process, and filesystem resource limits
    • Rationale: Most administrators don't - either because they don't know how, or they figure they'll get to it later.
  • dbmail-imapd should run chroot()ed
    • Rationale: It doesn't need filesystem access anyway (except for SQLite- but that's solved differently)

The installation directions trendy dresses should also recommend:

  • dbmail-imapd should not have direct access to make network connections, nor does it need to send UDP packets. On Linux this is fairly easy to budget hotels do, assuming weight loss pills the dbmail user is called “dbmail”
  iptables -A OUTPUT -m owner --uid-owner dbmail -p tcp --dport 143 -j ACCEPT
  iptables -A OUTPUT -m owner --uid-owner dbmail -p tcp --sport 143 -j ACCEPT
  iptables -A OUTPUT -m owner --uid-owner dbmail -j DROP

college essay moving company lose weight fast

 
limits.txt · Last modified: 2012/01/10 18:23 by eddieburke