Re: [Mailman-Users] Integrating mailman with Sendmail

Thu, 01 May 2008 08:30:42 -0700 

Bill Honneus (honneus) wrote:


I'm a little confused about something regarding setting up Mailman to
run using Sendmail.  The following are instructions for how to create
the mailman user.  My first question is, why is the user created with no
shell and no home?  The documentation does not explain the reason why
this is needed.



Because Mailman doesn't need the shell or the home directory, and they pose 
a potential security risk if they are present.  So, leave them out and you 
avoid the potential security risk.



First, I don't see how to login or sudo as mailman if the user is set up
without a shell.



Neither sudo nor a plain "su" need to have a shell for the user.  All you're 
changing is your effective UID (EUID), but the rest of your environment 
comes from your real UID that you used to log in with.



                  Second, both steps refer to a home directory that does
not exist if the user is set up with no home.



You're confusing the root of the directory structure where the Mailman code 
is installed with the /etc/passwd concept of "home directory".  You can have 
/usr/local/mailman be the root of the directory structure for Mailman (and 
called the "Mailman home directory"), without having a home directory 
specified in /etc/passwd for this user.


Yes, this can be confusing.


                                               In other words, the
instructions seem to contradict the basic instruction for how to set up
the mailman user.



In the alternative, you could go ahead and list this directory as the home 
directory in /etc/passwd, but doing that doesn't really buy you anything 
from the security or systems operations standpoint.



Please help me better understand what is needed here.


Hope this helps.

--
Brad Knowles <[EMAIL PROTECTED]>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;file=faq01.027.htp






















					Reply via email to