[systemd-devel] NoNewPrivileges and Postfix

Marco d'Itri md at Linux.IT
Wed Jun 18 07:07:50 PDT 2014

I tried using NoNewPrivileges=yes in my inn package, but then I noticed 
that the daemon was unable to send emails:

Jun 18 07:59:38 bongo boot[4623]: postdrop: warning: mail_queue_enter: create file maildrop/111862.4636: Permission denied

This happens because postdrop is SGID to be able to securely write new 
emails in the incoming queue:

-r-xr-sr-x 1    root postdrop 13636 Mar  2 11:53 /usr/sbin/postdrop

drwx-wx--T 2 postfix postdrop  4096 Jun 18 15:31 /var/spool/postfix/maildrop/

There is a different scheme with no sgid programs and a world writeable 
directory, but it is less secure (it allows some DoS attacks) and I see 
that we do not support it anymore anyway in Debian.

I do not think that Postfix should use the other scheme by default, so 
it looks like we are stuck with not being able to enable NoNewPrivileges 
for daemons that (may) need to send emails.

Is there any other common similar issue with NoNewPrivileges?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: Digital signature
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140618/0af5d31f/attachment.sig>

More information about the systemd-devel mailing list