Dave,
this thread got me wondering, and, as I suspected, my machines are
usually configured with home at 0755 (world can read/execute, only owner
-root- can write), so only root can add/delete users. [these machines
are RH Linux + Bastille, mostly]
On the other hand, I wouldn't trust a system (much less a distro) that
sets the users directories (/home/user) to world readable ... my
machines have something like 0700 (owner can do whatever, the rest of
the world cant even peek inside).
Looking around, I've found that vmailmgr does indeed set the "users"
directory to 0755 ... I guess it's doing it for a reason, but inner
directories (/home/domain/users/myvirtualuser/) are secured tightly
(0700), so I don't really know. Anyway, it does makes a point come
through: a machine set up as a mail host with virtualdomains is probably
'hackable' with a local account -- specially regarding the privacy of
emails sitting in the users maibox.
It shouldn't be, of course, but I won't be betting my head on that
one...
martin
pd: what distro are you using that sets users directories to 755?
Dave Sill wrote:
> I'm not sure you're aware of how systems are actually configured. All
> the user directories on my systems are world readable/executable, and
> they're that way by default, not because I did something to make it
> that way.
