On Fri, Aug 06, 2004 at 10:55:45AM -0700, Will Yardley wrote: > On Fri, Aug 06, 2004 at 11:23:26PM +0900, Derek Martin wrote: > > > Keeping your mail on an NFS store is almost always a bad idea > > regardless of locking issues. If the user has root access to their > > workstation (which is often the case), then it is usually NOT POSSIBLE > > to secure the mail store against that user reading anyone's mail. > > Anyone at all, so long as they have permission to mount the filesystem > > which it is on. It also does not matter what permissions are on the > > directory, nor if the server uses the no_root_squash option or not. > > You're thinking of one specific way of doing things; Yes, I realize this; I stated rather clearly the conditions for which it is problematical (which you quoted above) and also stated rather clearly when it wasn't a problem, in a later part of the same message. In your case, there is no problem. But the situation I describe is also very common. I've seen it almost everywhere I've worked, and I've run into it quite frequently on sysadmin-type mailing lists as well as mail-related lists. If you understand the issues, it's certainly possible to make this work without being a big risk. In my experience, many sysadmins don't, including some very experienced ones... As such, I felt it was worth pointing out. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail. Sorry for the inconvenience. Thank the spammers.
Attachment:
pgpJrXG9dCOoR.pgp
Description: PGP signature