On Sat, 2005-02-19 at 13:29 -0700, Craig White wrote:--- I don't think the daemons that serve pop3 or imap are likely to be running as root but I guess that would probably depend upon which one you are using.
No. Pop and imap run as dovecott. Our FTP is anonymous download only so there's nothing to hack. Apache seems adequately protected with per- directory permissions.
It seems pretty good. However, a good defense-in-depth practice is to combine several layers of protection. SELinux is a good layer, although it creates a lot of complexity which may not be desirable in all scenarios.
