From: Dan Melomedman [mailto:[EMAIL PROTECTED] > Bowie Bailey wrote: > > The SMTP service runs as the Courier user. What security risk? > > If I break the SMTP service which runs as the courier user, I can > break the rest of the system which runs as the courier user.
True, but the system has to run as some user. Which one would you suggest? If you have access to the Courier user, you could stop some of Courier's daemons, and possibly delete messages from the queue (I'm not sure if the Courier user can do that or not). It doesn't really give you that much as far as I can tell. If you have serious security concerns, I'm sure Sam could give you a much better answer than I can. Bowie ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
