On Mon, 14 Jul 2003, Pat Lashley wrote:
> My reasoning is that very few of the special uids (bin, daemon, etc.)
> should ever recieve any mail; and it doesn't take much security paranoia
> to want to prevent deliveries under those uids. Since tradition says
> that those accounts (except for 'nobody') occupy a range of low numbered
> uids; with 'real' users starting at some arbitrary round number (100,
> 500, 1000, etc.) it would be convienient to restrict the entire range
> rather than have to remember to update your exim config when adding or
> removing one of those accounts.
I understand the paranoia, and have WishListed the item. But I still
think that there are many other WishList items that will be more widely
used.
> > (I tried to remove never_users from Exim 4, but people complained... :-)
>
> Hmmm. I missed that thread. I just did a search on the mailinglist
> archive - lots of hits on 'never_users'; but nothing that looked
> relevant. I'm willing to be convinced though. Could you point me
> at (or briefly summarize) the rationale and arguments on both sides?
It's nearly 2 years ago now and my memory isn't what it was, but...
. My feeling was that few people paid any attention to never_users; most
set up an alias for root anyway, so it was just another complication
to be maintained, documented, etc.
. The opposition to its removal was from people who felt that it was a
useful safety catch.
If never_users were extended to be more flexible, as in your suggestion,
my feeling wouldn't be as strong.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
