I'm installing MD v2.51 on Solaris v8, with Perl v5.8.5 and sendmail v8.12.11. I have created a user account for mimedefang to run as, and also an associated group. The group is the mimedefang user account primary group. I've also added it as a secondary group for the non-root administration user account.
I've installed MD to /opt/mimedefang It is unwise to have the group ownership of that directory and its sub-directory structures (including bin/, man/ and etc/) be the mimedefang group? Is it unwise to have that mimedefang group have write permissions to, say, the config file in etc/ ? Does the group under which mimedefang runs matter? Or only the UID? The mimedefang-related directories under /var/spool are owned by the mimedefang user, but I wanted to add the associated group so the admin user account can look in the spool and quarantine directories. Any issues with that? Basically, I'm trying to minimize the things I have to do as root. This specific machine does not host user shell accounts. It is primarily a mail relay, and its been thru extensive hardening. Practically every thing that can be turned off or locked out has been done. Just need a sanity check here. Dirk _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
