[CentOS] Need help in securing maildir so that root user should not able to read anyother user's mail

Sun Mar 18 10:36:52 UTC 2007
Morten Torstensen <morten at mortent.org>

ankush grover wrote:
> c) Security of Maildir means even root user should not be able to read
> any user's mail.

You can do that with SElinux... you would have to limit filesystem 
access AND user access so that root just not su to a user and access it 
from there.

But someone who have physical access to the server will be able to get 
access. Administrative routines need access too, for stuff like backup 
and restore.

So for c) I would limit what I can and then have audit routines to map 
usage.

-- 

//Morten Torstensen
//Email: morten at mortent.org
//IM: Cartoon at jabber.no morten.torstensen at gmail.com

And if it turns out that there is a God, I don't believe that he is evil.
The worst that can be said is that he's an underachiever.