Network-wide Mail Spool?
wolf paul
wnp at iiasa.AT
Thu Nov 1 21:27:16 AEST 1990
In article <8368 at darkstar.ucsc.edu> haynes at ucscc.UCSC.EDU.UUCP (Jim Haynes) writes:
>One thing you have to consider here is whether security is going to be
>a problem. With ordinary NFS any workstation on which the user can
>become root allows the user to impersonate any other user and read
>the mail.
Actually, every implementation of NFS I have seen (Ultrix 3.0, SunOS 4.x,
Interactive SysV/386) allows you to limit Root Access to to specific
machines on a per-filesystem basis, in /etc/exports. The syntax varies
from OS to OS, but the concept is the same.
As someone else has suggested, if one modified the sendmail cf files
to only do delivery on one machine, then there is no need for root
access to the mail spool from any other machine.
--
Wolf N. Paul, UNIX SysAdmin, IIASA, A - 2361 Laxenburg, Austria, Europe
PHONE: +43-2236-71521-465 FAX: +43-2236-71313 UUCP: uunet!iiasa!wnp
INTERNET: wnp%iiasa at relay.eu.net BITNET: tuvie!iiasa!wnp at awiuni01.BITNET
More information about the Comp.unix.admin
mailing list