[CentOS] Need help in securing maildir so that root user
should not able to read anyother user's mail
arogge at gmx.de
Sun Mar 18 21:09:35 UTC 2007
Am Montag, den 19.03.2007, 05:40 +0900 schrieb John Summerfield:
> You can authenticate against AD.
> In principal you could use standard LDAP tools to extract the info and
> insert it into openldap, but I don't know about passwords, and probably
> you will want to keep AD anyway.
AD is more or less LDAP + Kerberos 5
you can always use nss_winbindd or nss_ldap (which requires MSSFU schema
extensions in the AD) + pam_krb5 or even a kerberized mailserver to do
In fact you can even forget the nss-stuff if you use a mailserver that
doesn't require users to have a system account (e.g. cyrus-imapd)
You *cannot* forbid root to do anything. And if you could you woudln't
want to do it.
The only way I could think of is enctypting the mailstore with the users
password, but if a user forgets his password you're lost.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3187 bytes
Desc: not available
Url : http://lists.centos.org/pipermail/centos/attachments/20070318/6e6079f1/smime.bin
More information about the CentOS