Mercurial > docs > diploma
comparison thesis/tex/5-Improvements.tex @ 406:1d527ad76c97
spell checking
| author | meillo@marmaro.de |
|---|---|
| date | Sun, 08 Feb 2009 23:51:48 +0100 |
| parents | e57129f57faa |
| children |
comparison
equal
deleted
inserted
replaced
| 405:a3d9a63defa7 | 406:1d527ad76c97 |
|---|---|
| 30 The second file includes the functionality for the \SMTP\ client. It should start the encryption by issuing the \NAME{STARTTLS} keyword if the server supports it. It should be possible to send messages over encrypted channels only. | 30 The second file includes the functionality for the \SMTP\ client. It should start the encryption by issuing the \NAME{STARTTLS} keyword if the server supports it. It should be possible to send messages over encrypted channels only. |
| 31 | 31 |
| 32 The third file controls the configuration files. New configuration options need to be added. The encryption policy for incoming connections needs to be defined. Three choices seem necessary: no encryption, offer encryption, insist on encryption. The encryption policy for outgoing connections should be part of each route setup. The options are the same: never encrypt, encrypt if possible, insist on encryption. | 32 The third file controls the configuration files. New configuration options need to be added. The encryption policy for incoming connections needs to be defined. Three choices seem necessary: no encryption, offer encryption, insist on encryption. The encryption policy for outgoing connections should be part of each route setup. The options are the same: never encrypt, encrypt if possible, insist on encryption. |
| 33 \index{configuration} | 33 \index{configuration} |
| 34 | 34 |
| 35 \subsubsection*{Depencencies} | 35 \subsubsection*{Dependencies} |
| 36 | 36 |
| 37 \NAME{STARTTLS} uses \NAME{TLS} encryption which is based on certificates. Thus the \MTA\ needs its own certificate. This should be generated during installation. A third party application like \name{openssl} should be taken for this job. The encryption itself should also be done using an available library. \name{openssl} or a substitute like \name{gnutls} does then become a dependency for \masqmail. \name{gnutls} seems to be the better choice because the \name{openssl} license is incompatible to the \NAME{GPL}, under which \masqmail\ and \name{gnutls} are covered. | 37 \NAME{STARTTLS} uses \NAME{TLS} encryption which is based on certificates. Thus the \MTA\ needs its own certificate. This should be generated during installation. A third party application like \name{openssl} should be taken for this job. The encryption itself should also be done using an available library. \name{openssl} or a substitute like \name{gnutls} does then become a dependency for \masqmail. \name{gnutls} seems to be the better choice because the \name{openssl} license is incompatible to the \NAME{GPL}, under which \masqmail\ and \name{gnutls} are covered. |
| 38 \index{tls} | 38 \index{tls} |
| 39 \index{certificates} | 39 \index{certificates} |
| 40 \index{openssl} | 40 \index{openssl} |
| 551 \index{system user management} | 551 \index{system user management} |
| 552 \index{postfix} | 552 \index{postfix} |
| 553 \index{qmail} | 553 \index{qmail} |
| 554 \index{root privilege} | 554 \index{root privilege} |
| 555 | 555 |
| 556 The \name{queue-in} module is the part of the system that is most critical about permission. It either needs to run as deamon or be \name{setuid} or \name{setgid} in order to avoid a world-writable queue. \person{Ian~R.\ Justman} recommends to use \name{setgid} in this situation: | 556 The \name{queue-in} module is the part of the system that is most critical about permission. It either needs to run as daemon or be \name{setuid} or \name{setgid} in order to avoid a world-writable queue. \person{Ian~R.\ Justman} recommends to use \name{setgid} in this situation: |
| 557 \index{setuid} | 557 \index{setuid} |
| 558 | 558 |
| 559 \begin{quote} | 559 \begin{quote} |
| 560 But if all you need to do is post a file into an area which does not have world writability but does have group writability, and you want accountability, the best, and probably easiest, way to accomplish this without the need for excess code for uid switching (which is tricky to deal with especially with setuid-to-root programs) is the setgid bit and a group-writable directory. | 560 But if all you need to do is post a file into an area which does not have world writability but does have group writability, and you want accountability, the best, and probably easiest, way to accomplish this without the need for excess code for uid switching (which is tricky to deal with especially with setuid-to-root programs) is the setgid bit and a group-writable directory. |
| 561 \hfill\cite{justman:bugtraq} | 561 \hfill\cite{justman:bugtraq} |
| 562 \end{quote} | 562 \end{quote} |
| 563 | 563 |
| 564 \person{Bernstein} chose \name{setuid} for the \name{qmail-queue} module, \person{Venema} uses \name{setgid} in \postfix, yet the differences are small. Better than running the module as a deamon is each of them. A deamon needs more resources and therefore becomes inefficient on systems with low mail amount, like the ones \masqmail\ will probably run on. Short running processes are additionally higher obstacles for intruders, because a process will die soon if an intruder managed to take one over. | 564 \person{Bernstein} chose \name{setuid} for the \name{qmail-queue} module, \person{Venema} uses \name{setgid} in \postfix, yet the differences are small. Better than running the module as a daemon is each of them. A daemon needs more resources and therefore becomes inefficient on systems with low mail amount, like the ones \masqmail\ will probably run on. Short running processes are additionally higher obstacles for intruders, because a process will die soon if an intruder managed to take one over. |
| 565 \index{qmail} | 565 \index{qmail} |
| 566 \index{postfix} | 566 \index{postfix} |
| 567 \index{setuid} | 567 \index{setuid} |
| 568 | 568 |
| 569 | 569 |