Alexander Samad wrote:
On Tue, Oct 19, 2004 at 10:20:24PM +1000, Voytek wrote:
Greg,
'adduser' is a link to useradd (binary):
# ls -l adduser
lrwxrwxrwx 1 root root 7 Jun 27 2003 adduser -> useradd
can I smply 'rm adduser';
why not alias adduser='/usr/sbin/adduser -s /bin/false'
Maybe it's a matter of personal taste but such an alias is a risk -
imagine that you su'ed to root or used a different shell and called
"adduser" without this alias in effect - you are creating a security
hole.
Better use scripts with local names (e.g. "create-mail-user").
BTW - I was thinking about Voytek's original question and remembered
that the mail system doesn't have to get the list of users from
/etc/password - you can setup a separate database just for mail-only
users so there is no chance that they will be considered a full-fledged
Linux system users. I don't have the details but I'm sure it's doable
and will raise the level of security.
Cheers,
--Amos
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
