[plug] linux school servers...

[Christian]

On Thu, Oct 05, 2000 at 11:44:54PM +0800, Bernard Blackham wrote:
> > I would strongly suggest against giving any sort of IMAP access unless
> > there is a secure server out there for it. The main server is so buggy
> > you may as well give shell access. Where I work we use a webmail
> > package that lets students check their email from anywhere.
> 
> What exactly is wrong with IMAP servers? If there are major security holes
> would it be feasible to limit access to IMAP by localhost and then write a
> Webmail script that interfaces with it? Would this be any more secure?
> Because PHP does have a nice IMAP interface library, I'd like to use that
> to write the webmail scripts.

Without auditing the source code no one can really give you a definitive
answer here.  If there are security bugs in the IMAP server (quite
possible given it's current history and, indeed, the history of most UW
software) then their exploitablity might be limited by providing a web
interface acting as a wrapper around user access.  Of course, that
really depends on how well you (or someone else) writes this wrapper.
If you're familiar with secure programming practices, know the langauge
and its limitations well and have a good idea of how the IMAP protocol
works then you could probably write a secure web wrapper.  Of course,
you might just introduce new bugs yourself... typically throwing more
code at a security problem is the fastest way of making it worse.

You would seem to have the following options:
a) don't use IMAP
b) use IMAP and take the risk
c) use a web wrapper and take (possibly more) risk
d) use a well-audited IMAP server (if one exists, last time I checked
OpenBSD didn't ship an IMAP server except in the ports tree)
e) audit a server yourself (or hire someone to do it).

It's really a case of risk management.

Regards,

Christian.