On Wed, 9 Jan 2008, Charles Marcus wrote:
> On 1/9/2008, Asheesh Laroia ([EMAIL PROTECTED]) wrote:
>> Basically - the above is a reason to use 'adduser', not a reason to use
>> virtual users! If I'm wrong, please clarify my understanding.
>
> My understanding is that using Virtual Users is inherently more secure, since the
> users do not have system accounts, much less shell accounts.
There should be a straightforward way to set their shell to something that
prevents shell login but allows Dovecot login. Then they have their own
separate security contexts (i.e., UID), so in the case that Dovecot goes
horribly awry each user's data is isolated from the others'.

I believe /bin/false will work for this; since it is not listed in
/etc/shells, shell login will fail even with e.g. ssh [EMAIL PROTECTED] /bin/sh,
but PAM should authorize the user for Dovecot. I would double-check this
before using it in production.
-- Asheesh.
--
Life is difficult because it is non-linear.
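As an added example (not from either poster), here is a small POSIX sh audit for the property Asheesh proposes relying on: it lists every account whose login shell is not in /etc/shells (so interactive login is refused) alongside the accounts that do have a listed shell. The passwd and shells files it runs against are constructed samples written to a temp directory; point the two functions at the real /etc/passwd and /etc/shells to audit a live box. One caveat the thread does not mention: pam_shells.so applies exactly this /etc/shells test, so if the PAM service file Dovecot authenticates through includes pam_shells, these mail-only accounts would be refused for mail login as well, which is precisely the "double-check before production" step.

```shell
#!/bin/sh
# Added example, not code from the thread. Audits which accounts have a
# login shell that is NOT listed in /etc/shells (interactive login refused,
# PAM-only use such as Dovecot) versus accounts with a listed shell.
# Both functions take explicit file paths so they can run on sample files.

# Print "user:shell" for every passwd entry whose shell is absent from the
# shells file. An empty shell field means /bin/sh (login(1) default).
nologin_accounts() {
    passwd_file="$1"
    shells_file="$2"
    awk -F: '
        # First file (shells): record valid login shells, skip comments/blanks
        NR == FNR { if ($0 !~ /^#/ && $0 != "") valid[$1] = 1; next }
        # Second file (passwd): field 7 is the login shell
        {
            shell = ($7 == "") ? "/bin/sh" : $7
            if (!(shell in valid)) print $1 ":" shell
        }
    ' "$shells_file" "$passwd_file"
}

# Print "user:shell" for every passwd entry whose shell IS a listed login shell.
login_accounts() {
    passwd_file="$1"
    shells_file="$2"
    awk -F: '
        NR == FNR { if ($0 !~ /^#/ && $0 != "") valid[$1] = 1; next }
        {
            shell = ($7 == "") ? "/bin/sh" : $7
            if (shell in valid) print $1 ":" shell
        }
    ' "$shells_file" "$passwd_file"
}

# Return 0 if the named user exists and is shell-login-disabled, 1 otherwise.
# This is the per-user check to run before trusting /bin/false in production.
is_mail_only() {
    user="$1"
    passwd_file="$2"
    shells_file="$3"
    nologin_accounts "$passwd_file" "$shells_file" | grep -q "^$user:"
}

# --- Constructed sample data (not real accounts) -------------------------
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice, shell user:/home/alice:/bin/bash
bob:x:1002:1002:Bob, mail only:/home/bob:/bin/false
carol:x:1003:1003:Carol, mail only:/home/carol:/usr/sbin/nologin
EOF
cat > "$SAMPLE_DIR/shells" <<'EOF'
# constructed /etc/shells
/bin/sh
/bin/bash
EOF

echo "Accounts with shell login disabled (PAM/Dovecot only):"
nologin_accounts "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/shells"
echo "Accounts with a listed login shell:"
login_accounts "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/shells"
```

Run it as-is to see the split on the sample data; for a real audit call `nologin_accounts /etc/passwd /etc/shells`. The script only reports and never modifies account settings.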