2

In the default configuration for the postfix package on Arch Linux (and possibly elsewhere), the aliases file contains the following comment:

...
# Person who should get root's mail. Don't receive mail as root!
#root:      you
...

Is there something dangerous about reading mail as root, or is this a concern unrelated to security?

bcc32
  • 121
  • 3

2 Answers2

4

Only my own opinion, but this a more of a matter of educating admins. We know that every admin should have their own unpriviledged account, and only switch to root mode for administrative tasks requiring it.

In addition, the smarter the mail reader, the more complex and consequently the higher risk of security flaws => no mail in root's box will prevent an admin to use the last beta but so cute version of [insert your prefered reader here] with root priviledge.

For example in a default FreeBSD installation, many crontab jobs send their output into root's mailbox. It is simply expected that the admin will not add clever rules there and will just use the good old standard BSD mail program to read it.

TL/DR: my opinion here is that it is just an additional defense line to prevent usage of a security broken mail reader as root - not even speaking of automatic mail processing as root...

Serge Ballesta
  • 25,952
  • 4
  • 42
  • 84
0

The root used is a privileged user meant to administer a system, just a domain administrator in windows is a user to administer a domain, not to read emails.

The example from postfix is simply an alias, forwarding email to root@yourdomain.com to another account, so that you do not have to read potential malicious emails using a privileged account.

Dog eat cat world
  • 5,769
  • 1
  • 27
  • 46
  • I'm not sure I believe that malicious emails are the primary concern. I doubt most people's setup for reading mail is anything other than the plain old `mail` program, which just displays text? – bcc32 Jan 28 '18 at 10:39
  • 1
    @bcc32 I'm not sure that is entirely true. Even just displaying text [can be a security issue](https://security.stackexchange.com/q/56307/165253) if attacker-controlled data is displayed by root. – forest Jan 28 '18 at 22:41