[CentOS] Need help in securing maildir so that root user should not able to read anyother user's mail
Morten Torstensen
morten at mortent.org
Sun Mar 18 10:36:52 UTC 2007
ankush grover wrote:
> c) Security of Maildir means even root user should not be able to read
> any user's mail.
You can do that with SElinux... you would have to limit filesystem
access AND user access so that root just not su to a user and access it
from there.
But someone who have physical access to the server will be able to get
access. Administrative routines need access too, for stuff like backup
and restore.
So for c) I would limit what I can and then have audit routines to map
usage.
--
//Morten Torstensen
//Email: morten at mortent.org
//IM: Cartoon at jabber.no morten.torstensen at gmail.com
And if it turns out that there is a God, I don't believe that he is evil.
The worst that can be said is that he's an underachiever.
More information about the CentOS
mailing list