From 5b2bc3c4757d4c0cfddadca906680768e7eae1e7 Mon Sep 17 00:00:00 2001 From: David Goodwin Date: Thu, 10 Apr 2008 13:39:44 +0000 Subject: [PATCH] SECURITY.txt: Adding git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@329 a1433add-5e2c-0410-b055-b7f2511e0802 --- DOCUMENTS/SECURITY.txt | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 DOCUMENTS/SECURITY.txt diff --git a/DOCUMENTS/SECURITY.txt b/DOCUMENTS/SECURITY.txt new file mode 100644 index 00000000..4188dc33 --- /dev/null +++ b/DOCUMENTS/SECURITY.txt @@ -0,0 +1,37 @@ +Security and PostfixAdmin +------------------------- + +While the developers of PostfixAdmin believe the software to be +secure, there is no guarantee that it will continue to do be so +in the future - especially as new types of exploit are discovered. +(After all, this software is without warranty!) + +In the event you do discover a vulnerability in this software, +please report it to the development mailing list, or contact +one of the developers directly. + + + + +DATABASE USER SECURITY +---------------------- + +You may wish to consider the following : + + 1. Postfix only requires READ access to the database tables. + 2. The virtual vacation support (if used) only needs to WRITE to + the vacation_notification table (and read alias and vacation). + 3. PostfixAdmin itself needs to be able to READ and WRITE to + all the tables. + +Using the above, you can improve security by creating separate +database user accounts for each of the above roles, and limit +the permissions available to them as appropriate. + + +FILE SYSTEM SECURITY +-------------------- + +PostfixAdmin does not require write support on the underlying +filesystem - aside from PHP creating session files. +
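Review bot: The reporting paragraph ("please report it to the development mailing list, or contact one of the developers directly") gives no address for the list or for any developer, so a reader who finds a vulnerability has nowhere to send it from this file alone; add the contact details here. If the development list is publicly archived, say so and name a private contact for reports that should not be disclosed before a fix. In the first paragraph, "continue to do be so" has a stray "do" and should read "continue to be so". Under DATABASE USER SECURITY, the three roles are described but the closing paragraph leaves the reader to work out the grants; listing the privilege each account needs per table (read only for Postfix, write on vacation_notification plus read on alias and vacation for the vacation script, read and write on all tables for PostfixAdmin) as a short example would make the advice directly usable. Under FILE SYSTEM SECURITY, the statement that no write access is needed "aside from PHP creating session files" would be more actionable if it said the PostfixAdmin files can therefore be made read-only to the web server user.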