Hi all,
An unusual question, but first some background. I've been using cyrus
for about 25 years or so (not long after CMU started using in
production). I've also typically paired it up with cyrus SASL and
openldap. openldap uses slapd for serving LDAP and one option it offers
is connecting via a unix socket and using an EXTERNAL mechanism in
combination with SO_PEERCRED to get the effective id (eid) of the
process at the other end of the unix socket. This removes the need for a
password, but a password could still be used if mech plain (or others)
was configured.
So, my question is this; if I developed the same method for cyrus imapd
(primarily for admin connections via a restricted permission unix socket
set up in /etc/cyrus.conf; /imap cmd="imapd"
listen="/run/cyrus/socket/imap" prefork=1 admin=1/ or similar) would it
be accepted upstream?
The method is easily understood from the slapd source code (case
AF_LOCAL: in slap_listener() in servers/slapd/daemon.c) and it is
compatible with running saslauthd (ldap_servers: ldapi:/// & ldap_mech:
EXTERNAL) for non admin users. Also I had the thought of adding an
admin=0/1 flag for imap to restrict whether an imap connection would
allow admin IMAP commands.
I know it's feasible, I've had a look at the server code
(master/service.c) and the client code (lib/imclient.c), but it would
definitely not be a good use of my time if it wasn't accepted.
And lastly, from a motivation point of view it would be good to know if
others would find the extra security useful (only allowing IMAP admin
connections via a unix socket),
Matt
------------------------------------------
Cyrus: Devel
Permalink:
https://cyrus.topicbox.com/groups/devel/Tdf38f630f7312734-M4ecb2fd1fc582c264748eb9e
Delivery options: https://cyrus.topicbox.com/groups/devel/subscription
