On Mon, Jul 20, 2015 at 06:49:00PM +0100, Mick wrote

> This is all good and dandy, but letting user "nobody" read your
> mail account passwd may not be the safest approach to sending email
> messages from your machine.

  I think you missed the point.  The "NOPASSWD:" option means that this
one particular user "nobody" ***DOES NOT NEED THE ROOT PASSWORD*** to
execute this one particular command which normally requires "root" level
privileges.  I repeat, it has no need for the password.  This is done
with a sudoers entry like the following example.

michael michaelsmachine = (root) NOPASSWD: /usr/sbin/nullmailer

  The only problem might be convincing your program that the mail
command is...

sudo /usr/sbin/nullmailer

  You can tell it to run a script that contains that command.  Having
passwords floating around on disk in clear text is a *BAD* idea.  Some
"user friendly distros", like Ubuntu, let you run *ANY* command as root
if you prefix it with "sudo".  That can be done with the keyword "ALL"

michael michaelsmachine = (root) NOPASSWD: ALL

  I do not like it on general principle.  It gives away the store as far
as security is concerned.

-- 
Walter Dnes <waltd...@waltdnes.org>
I don't run "desktop environments"; I run useful applications
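
An added example, not part of the original message: a small Python audit of sudoers user specifications that reports which commands run without a password and whether the rule is scoped to one command or is "ALL". It assumes plain "user host = (runas) TAG: command" lines like the two quoted above (no aliases, includes or line continuations); the function name and the sample input are constructed for illustration.

```python
import re

# Constructed sample input; the first two rules are the ones quoted in the message.
SAMPLE = """\
# constructed sudoers fragment
michael michaelsmachine = (root) NOPASSWD: /usr/sbin/nullmailer
michael michaelsmachine = (root) NOPASSWD: ALL
michael michaelsmachine = (root) NOPASSWD: /usr/sbin/nullmailer, PASSWD: ALL
"""

# user host = command-list   (assumption: one user and one host per line)
SPEC = re.compile(r"^(\S+)\s+(\S+)\s*=\s*(.+)$")
# optional "(runas)", then zero or more "TAG:" prefixes, then the command
ITEM = re.compile(r"^(?:\(([^)]*)\)\s*)?((?:[A-Z_]+:\s*)*)(.+)$")


def audit(text):
    """Return (user, runas, command, verdict) for every passwordless command."""
    findings = []
    for raw in text.splitlines():
        # Simplification: treat everything after '#' as a comment.
        line = raw.split("#", 1)[0].strip()
        m = SPEC.match(line)
        if not m or line.startswith("Defaults"):
            continue
        user, _host, cmd_list = m.groups()
        runas, nopasswd = "root", False
        for item in cmd_list.split(","):
            item = item.strip()
            if not item:
                continue
            runas_new, tags, cmd = ITEM.match(item).groups()
            runas = runas_new or runas
            # A tag stays in force for later commands in the same list
            # until the opposite tag overrides it.
            for tag in tags.replace(":", " ").split():
                if tag == "NOPASSWD":
                    nopasswd = True
                elif tag == "PASSWD":
                    nopasswd = False
            if nopasswd:
                verdict = "unrestricted" if cmd == "ALL" else "scoped"
                findings.append((user, runas, cmd, verdict))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```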
