Dmitry Niqiforoff writes:
> Yesterday I found that any user are able to start any program at
> server with .qmail file. This could be potentially dangerous, AFAIU.
Only if you let users edit their own .qmail files. Don't. Deny them
write permission in their home directory. If they need to upload
html, give them write permission in public_html. If you really,
*really* need to allow them to change their .qmail files, give them a
"qmail" home directory, and have a root cron job which copies .qmail
files from that directory into their home directory, editing out
program deliveries on the way.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
