Re: encryption of emails
> At 06:54 PM 2/13/05 +0100, Walhalla wrote:
> >> decent directory permissions. The default should already not allow other
> >> users than root be allowed to read everyone's email, but if you're
> >> paranoid beyond that, maybe grsec and SELinux fit your needs. Doing
> >
> >structure of the "homes ist /home/domain/users" - but the "admin" of a
> >web/domain has access to all subdirs :(
>
> So the admin of /home/domain also has access to /home/otherdomain? Why? U
NO! ;) only to all subdirs of /home/mydomain/... not
/home/yourdomain!
f.e. should the domainadmin have access to different logs, (*.rc ...
procmail, vacation, spamfilter ...). and user homes are in
/home/yourdomain/users/me
/home/yourdomain/users/you
admins home is /home/yourdomain/
> can make everything under /home mode 660 and have each domain dir a
yep - so it is!
> different group. That way only dirs and files from the admin's own group
admin & users are in one group "yourdomain" (you can change the
admin to every user, if you want ;)
> will be visible. Set the sticky bit on all the dirs so that the group
> ownership will be propagated to all newly created files and dirs. If
> that's not enough u can jail each admin to his own /home/domain/.
yep - so it is!
thx for your response!
jens
>
>
>
>
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
Reply to: