Re: /etc/passwd doesn't contain all users
On Wed, Jan 01, 2003 at 01:19:55PM -0700, Bob Proulx wrote:
> [The words used here lead me to believe you are suggesting a central
> mail server writing to /var/mail on the remote clients.] That is a
> new twist on things. In that case wouldn't using the MTA to MTA
> protocol be safer?
My comments weren't specifically intended at MTAs, but any files under
/usr or /var which may be owned by a userid that is dynamically
allocated, and also stored on a central NFS server.
MTAs are a bad example to illustrate this, it is too easy to
get sidetracked on the other issue: you should be doing this
I wasn't so much looking at /var/mail either, that can be
solved with Maildirs, but /var/spool/postfix (or whatever it
For a better example, look at /var/lib/gdm, which is owned by gdm, and
(assuming only one client uses a given copy) should be safe to use over
NFS, too. There are good reasons for wanting to put this on a central
NFS server, but you wouldn't want the userid to map to "bam" on the NFS
server, as otherwise I could potentially do significant damage...
Brian May <email@example.com>