On Tue, 2004-07-27 at 09:12, Fritz Whittington wrote:
*Mail read with Mozilla on a Windows machine from a POP3 server doesn't have root's privileges either!*
While it may be a "good and custom practice" under some situations, it seems like a work-around that I don't need. I understand that the alias just moves root's mail to another user's mbox, so that it can be read by that user. In the days of DEC VT-10x and -2xx "smart" terminals, there could well be good security reasons for root not to read his mail while logged in as himself. In my situation, reading root's mail via pop3s over a *totally* secure LAN (I can see every cable with my naked eyes while sitting at the desk) and on a Windows machine, no less, seems even more secure than is required. It's easier and simpler to keep root's inbox and mail segregated from my "regular" Linux user's inbox, as well as from my other email accounts. Having options in the config file to define the available users, with the default starting at user 500 is a good protection for naive installers, but having root excluded by compilation from being configured by a non-naive installer just rubs me the wrong way.
Secondly, if there are instructions for setting up postfix, sendmail, and dovecot that are as easy to use as the ones for qmail at qmailrocks.org, I have yet to find them. While I enjoy using Linux, I don't wanna make a career out of it. I'm retired from a long career of computer systems engineering; I'm tired of working *on* systems, would like to work *with* the systems for a change :-)
---- It seems pretty clear that security stems from redundant methodology to ensure that if one thing goes wrong, another logical measure is adequately empowered. Sometimes it is the desire to protect a system against inexperienced administrators that would cause the default configuration or compiled options to deny root access.
All you need to do is to create another account 'foo' and alias root's
mail to foo. The foo account need not even have a valid shell to
send/receive email. You can set up an MUA to use foo as if it were root
and it would make no difference at all - except that mail read as foo
would not have root's privileges.
(And yes, you can do anything in vi that you might want to do in emacs, so let's just ship *one* editor with the system and force everyone to do it *that* way, just because! OK with you? I thought not.) Of course, I guess I could set up the foo alias and then read foo's mail with Mozilla on a Windows machine from a POP3 server. Can you prove that to be even a tiny bit more secure?
Thus your argument about working 'with' or 'on' really doesn't hold water.
That refers to something of an additional topic: qmail versus sendmail/postfix/dovecot and the ease of installing without having to read (first finding) bunches of docs and becoming something of a guru on the subject.
Also, be aware that (IMHO) once any security issues are removed, this becomes a "religious" (that is, personal preference) issue just like the choice of a text editor.
-- Fritz Whittington I can please only one person per day. Today is not your day. And tomorrow isn't looking good either.
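An added example, not part of the original message or of any mail server's own code: a small Python audit of the setup described in the quoted advice (root's mail aliased to an unprivileged account that needs no login shell). The alias and passwd contents are constructed samples, the function names are hypothetical, and continuation lines in the aliases file are not handled.

```python
# Added example; the alias and passwd data below are constructed samples.
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}
SAMPLE_ALIASES = "postmaster: root\nroot: foo\n"
SAMPLE_PASSWD = ("root:x:0:0:root:/root:/bin/bash\n"
                 "foo:x:501:501:root mail:/home/foo:/sbin/nologin\n")

def parse_aliases(text):
    """Map alias name -> list of targets (single-line entries only)."""
    aliases = {}
    for line in text.splitlines():
        if line.startswith("#") or ":" not in line:
            continue
        name, targets = line.split(":", 1)
        aliases[name.strip().lower()] = [
            t.strip().lower() for t in targets.split(",") if t.strip()]
    return aliases

def parse_passwd(text):
    """Map user name -> (uid, shell) from passwd(5)-format text."""
    rows = (line.split(":") for line in text.splitlines())
    return {f[0]: (int(f[2]), f[6]) for f in rows if len(f) == 7}

def resolve(name, aliases, seen=None):
    """Follow an alias chain to its final targets; a loop yields nothing."""
    seen = set() if seen is None else seen
    if name in seen:
        return set()
    seen.add(name)
    if name not in aliases:
        return {name}
    return set().union(*(resolve(t, aliases, seen) for t in aliases[name]))

def audit_root_mail(aliases_text, passwd_text):
    """Return a list of findings; an empty list means the setup matches."""
    aliases, users = parse_aliases(aliases_text), parse_passwd(passwd_text)
    if "root" not in aliases:
        return ["root is not aliased: mail stays in root's own mailbox"]
    targets = resolve("root", aliases)
    findings = [] if targets else ["root's alias resolves to no mailbox"]
    for t in sorted(targets):
        if t not in users:
            findings.append(f"{t}: not a local account")
        elif users[t][0] == 0:
            findings.append(f"{t}: UID 0, no privilege separation")
        elif users[t][1] not in NOLOGIN_SHELLS:
            findings.append(f"{t}: has login shell {users[t][1]}")
    return findings
```

Calling `audit_root_mail(SAMPLE_ALIASES, SAMPLE_PASSWD)` returns an empty list; feed it the real contents of the aliases and passwd files to check a live host.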