Re: [Omail-admin-devel] Password Security
Brought to you by:
swix
From: Philipp S. <ph...@bi...> - 2004-09-25 09:25:57
|
Nick Tudor wrote: > - That password is sent through in clear text... hence is relatively > easily obtainable, and if it is, they have full access to the box I normally use an SSL-enabled virtual host to transport data like these. > - I don't necessarily want the person who can login to administer > domains have full unix access to the box There is no need to have a shell enbaled for these accounts. Just set /bin/false as the shell to disable shell access and you're set: foo:x:5001:32010::/var/qmail/foo-com:/bin/false philipp -- philipp stucki . bitflux GmbH . schoeneggstrasse 5 . CH-8004 zurich ph...@bi... . phone +41 1 240 56 70 . fax +41 1 240 56 71 http://www.bitflux.ch |