Re: mailserver absolute noob question
On Thu, Nov 03, 2005 at 06:44:34AM +0000, s. keeling wrote:
> Cameron Matheson <cameron.matheson@fjcomm.com>:
> > [snip]
> > /etc/aliases. It's unsafe to let root receive mail, so generally
>
> Uh, what? Why's it unsafe to let root receive email?
>
> I agree it's _better_ for root's mail to be aliased to a real user,
> but safer too? Why?
My idea is that if a message contains something malicious, such as an
image attachment that triggers a buffer overrun and exploits that, it
will provide an additional line of defense if that exploit isn't run
with root privileges.
Best regards, Jan
--
+- Jan T. Kim -------------------------------------------------------+
| email: jtk@cmp.uea.ac.uk |
| WWW: http://www.cmp.uea.ac.uk/people/jtk |
*-----=< hierarchical systems are for files, not for humans >=-----*
Reply to: