All those components must run ... (for security) under different user privileges.
Pier mentioned this point repeatedly, asserting that security can be gained by running the various pieces of the MTA under different users' privileges. Since I also lack sysadmin experience, I wonder if someone could tell me the motivation for this precaution. Historically, what went wrong that caused sysadmins to prefer running separate pieces of an MTA under separate users' privileges?
I wonder if that kind of thing, whatever it was that went wrong, could happen with Java and James. Java has a lot of security built in which is lacking in C and other languages.
I wonder if a lot of the traditional sysadmin's paranoia comes from growing up with Sendmail. As I understand the history, Sendmail had its architectural foundations laid before anyone thought much about security. As such, it helped raise a generation of paranoid sysadmins.
But when you understand a problem it usually suffices to solve the problem once, just exactly once. After you have stepped on a bug, it does not always help to step on it again a second, third, ... tenth time.
But of course paranoia evolved into the human psyche for some good reason. Until you have mastered a problem paranoia often pays: do anything, do everything.
Rich Hammer Hillsborough, N.C.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
