On Thursday, September 25, 2003, at 08:03 AM, Paul Theodoropoulos wrote:Make sure 100% that /var/qmail/control/sql file is either chowned 'qmaild', chgrouped 'nofiles', or BOTH!
-rw-r--r-- 1 root other 106 Aug 18 09:37 sql
Mine works fine as above.
But anyone with access to your system can read the file and get the sql username and password.
Better to have it owned and readable only by the user that needs it.
only root has access to the system in question. if someone gets in, that means they've broken root, thus they already own the machine, so obscurity accomplishes nothing.
Paul Theodoropoulos http://www.anastrophe.com
