dovecot: make sure vid/gid are not overridable
The only storage scheme we support is a single declarative user with fixed uid/gid. The default_fields are overridable if these fields leak in from LDAP, so promote them to override_fields instead.
This commit is contained in:
Martin Weinelt
@@ -445,7 +445,7 @@ in
|
|||||||
userdb {
|
userdb {
|
||||||
driver = ldap
|
driver = ldap
|
||||||
args = ${ldapConfFile}
|
args = ${ldapConfFile}
|
||||||
default_fields = \
|
override_fields = \
|
||||||
uid=${toString cfg.vmailUID} \
|
uid=${toString cfg.vmailUID} \
|
||||||
gid=${toString cfg.vmailUID}
|
gid=${toString cfg.vmailUID}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user