I thought I'd pose this question to the list. The mailman installation manual seems to imply that the mailman account should be added with no ability to log in to it. I translated what appeared to me to be the sense of the line given to Solaris.
However, after having gone through several fire drills of resetting file owner from root to mailman, I've set the account up with the directory /usr/local/mailman and "NP" in the /etc/shadow file. This allows me to su - mailman from root, but not to get a login from anywhere else. This is the same setup as is used for other Solaris "blind" accounts. Is there any real reason not to use the account this way? I'm aware that Mailman security is based on group identity, not user, but external programs such as htdig running under cron need to have uid mailman in files it writes to or to be set up as a mailman-uid program. My personal preference is to set the needed uid's in the mailman runtime tree. Hank ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp