[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: intro
|
From: |
xystrus |
|
Subject: |
Re: intro |
|
Date: |
Wed, 13 Mar 2002 17:46:09 -0500 |
|
User-agent: |
Mutt/1.3.27i |
On Wed, Mar 13, 2002 at 02:16:10PM -0800, Jeff Bailey wrote:
> On Wed, Mar 13, 2002 at 12:37:42PM -0500, xystrus wrote:
>
> > If your users have root access to their machines, and you NFS
> > export the mail spool, you're giving them the ability to read the
> > mail of anyone and everyone. This is BAD.
>
> Only if you don't squash root. People who don't follow sensible
> sysadmin practices are not our problem.
Bzzzzz... sorry, but that's incorrect. If I have root acces,
all I need to do is su to another user whose mail is on the same
spool. Maybe I have to create the user first, but since I have
root access, that's no problem. Or if I'm in an NIS shop (ugh),
I probably don't even have to do that. And the best part is,
since I'm root, I don't even need their password.
AFAIK the only solution for this is Kerberized NFS, which isn't
terribly common, and AFAIK not yet available for Linux.
> > I've seen NFS-mounted spools result in lost mail before... it's
> > just a bad idea, IMO.
>
> I think maildir is supposed to handle locking over NFS correctly.
Sure, as I understand it maildir basically needs no locking. Is
that correct? I still haven't had a chance to read up on it...
- Re: C/C++ (was Re: mailbox (was Re: intro)), (continued)
- Re: mailbox (was Re: intro), Sam Roberts, 2002/03/13
- Re: mailbox (was Re: intro), Sam Roberts, 2002/03/13
- Re: mailbox (was Re: intro), xystrus, 2002/03/13
- Re: mailbox (was Re: intro), Sam Roberts, 2002/03/13
- Re: mailbox (was Re: intro), xystrus, 2002/03/13
- Message not available
- Re: intro, xystrus, 2002/03/13
- Re: intro, Jeff Bailey, 2002/03/13
- Re: intro,
xystrus <=
- Re: intro, Sam Roberts, 2002/03/13
- Re: intro, xystrus, 2002/03/15