On Monday, November 18, 2002, at 03:33 PM, Peter N Lewis wrote:
For example, the system I want for mail is a mail server and
pop server that run as the mail account and all mailboxes are
private files, so there is no need for any special privs at
all - except you need root access to open the smtp and pop
ports! Net result is less security, not more.
In that case, if you want regular users to be able to open
low-numbered ports, you should write a very small setuid program
that does that and only that. Then your otherwise unprivileged
servers can call that, and you've got the safeness you're
looking for with the features you need.
The last thing in the world I want with root access is network servers!
Agreed.
-Ken
