Re: Maildir header cache now supports imap, too

To: Mutt Developers <mutt-dev@xxxxxxxx>
Subject: Re: Maildir header cache now supports imap, too
From: Will Yardley <william+mutt@xxxxxxxxxxxxxxx>
Date: Fri, 6 Aug 2004 10:55:45 -0700
In-reply-to: <20040806142326.GA5918@xxxxxxxxxx>
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?body=unsubscribe>
Mail-followup-to: Mutt Developers <mutt-dev@xxxxxxxx>
Organization: New Dream Network
References: <20040718125531.GB3232@xxxxxxxxxxxxxxx> <20040729093041.GE12488@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20040805161037.GA28696@xxxxxxxxxxxxxxx> <20040805233421.GA21243@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20040806010730.GA6927@xxxxxxxxxxxxxxxxxxx> <20040806062301.GC15320@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20040806093615.GA4469@xxxxxxxxxxxxxxxxxxx> <20040806105159.GD3219@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20040806115334.GB22341@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20040806142326.GA5918@xxxxxxxxxx>
Sender: owner-mutt-dev@xxxxxxxx
User-agent: Mutt/1.5.6i

On Fri, Aug 06, 2004 at 11:23:26PM +0900, Derek Martin wrote:

> Keeping your mail on an NFS store is almost always a bad idea
> regardless of locking issues.  If the user has root access to their
> workstation (which is often the case), then it is usually NOT POSSIBLE
> to secure the mail store against that user reading anyone's mail.
> Anyone at all, so long as they have permission to mount the filesystem
> which it is on.  It also does not matter what permissions are on the
> directory, nor if the server uses the no_root_squash option or not.

You're thinking of one specific way of doing things; while this may be
typical for environments you've had experience with, there are plenty of
environments that are nothing like this.

For instance, we use NFS for our users' mail for 2 reasons:

 1) We can easily load balance incoming mail, as well as POP3 / IMAP
 servers, across multiple servers.

 2) We can separate mail machines from user machines, but still give
 users access to create .forward files, .procmailrcs, read mail in mutt,
 etc. (yes, this opens up some security concerns as well, but the
 benefits outweigh the disadvantages for us).

No users have root on any of the machines mounting the NFS servers;
also, the mount points are broken up into smaller chunks, so any given
machine only mounts the volumes it needs to access.

-- 
"Since when is skepticism un-American?
Dissent's not treason but they talk like it's the same..."
(Sleater-Kinney - "Combat Rock")

Follow-Ups:
- Re: Maildir header cache now supports imap, too
  - From: Derek Martin

References:
- Re: Maildir header cache now supports imap, too
  - From: Adeodato Simó
- Re: Maildir header cache now supports imap, too
  - From: Thomas Glanzmann
- Re: Maildir header cache now supports imap, too
  - From: Adeodato Simó
- Re: Maildir header cache now supports imap, too
  - From: Thomas Glanzmann
- Re: Maildir header cache now supports imap, too
  - From: Marco d'Itri
- Re: Maildir header cache now supports imap, too
  - From: Thomas Glanzmann
- Re: Maildir header cache now supports imap, too
  - From: Marco d'Itri
- Re: Maildir header cache now supports imap, too
  - From: Thomas Roessler
- Re: Maildir header cache now supports imap, too
  - From: Thomas Glanzmann
- Re: Maildir header cache now supports imap, too
  - From: Derek Martin

Prev by Date: Re: Maildir header cache now supports imap, too
Next by Date: Re: Security issue / bad UI design in mutt CVS (encryption options)
Previous by thread: Re: Maildir header cache now supports imap, too
Next by thread: Re: Maildir header cache now supports imap, too
Index(es):
- Date
- Thread