On Thu, Aug 28, 2003 at 04:00:11AM +0300, Timo Sirainen wrote:
On Thu, 2003-08-28 at 03:34, Alex Howansky wrote:
You can accomplish this with the static userdb:
auth_userdb = static uid=210 gid=210 home=/var/mail/%d/%n
Of course, I don't really suggest of using just one uid for everything.. Preferrably each user should have separate one, or at least one for each domain or other group of users that "trust" each others.
Let's say you have one server box and 20 users. Only the admins have accounts on the server box. Users can access mail only through the mail servier, via port 143. This involves three types of Unix accounts: root, human admins, and the non-human mail account that owns the mail files and runs mail scripts. Use sudo to give the admins the right to perform any necessary tasks that need the mail account, so that the mail account password doesn't get passed around.
- What are the security weaknesses?
- How does having one UID differ from having one password that gives you access to all the UIDs in the database?
- How is this handled in settings with hundreds of users? Do they create hundreds of Unix accounts?
Sorry about all the questions, but I'm trying to get a better understanding of security.
Bob Hall