Re: chroot email + browser ???
- From: Ertugrul Soeylemez <never@xxxxxxxxxxxxxx>
- Date: Mon, 27 Feb 2006 06:13:39 +0100
Menno Duursma <menno@xxxxxxxxxxx> (06-02-26 09:13:38):
nobody@xxxxxxx (Kevin the Drummer) (06-02-24 16:17:09):
[ Mail and Web apps under different users. ]
That's a verbatim copy of the email address from the "From" header in
the OP's post. Not my fault.
Then allow your main user to use sudo without a password. Remember
to still give the different accounts different passwords, otherwise
you have no gain in security.
No. The useradd command defaults to something like * or !! in the
password field of the /etc/shadow file (if it doesn't: change it to
that by hand) which *disables* password login to that account
altogether, you can still 'su' to it though. But if you use 'sudo'
anyways you can do better still and set the shell of the user to
/bin/false (use like 'sudo -s -u <user>' for testing wat the user can
do - if needed.)
On my box, sudo denies access to accounts without a password or valid
shell. I'd set some random password for this kind of account.
Regards.
.
- References:
- chroot email + browser ???
- From: Kevin the Drummer
- Re: chroot email + browser ???
- From: Ertugrul Soeylemez
- Re: chroot email + browser ???
- From: Menno Duursma
- chroot email + browser ???
- Prev by Date: Re: What can I do about breakin attempts?
- Next by Date: Re: What can I do about breakin attempts?
- Previous by thread: Re: chroot email + browser ???
- Next by thread: What can I do about breakin attempts?
- Index(es):
Relevant Pages
|
