To run several daemons under normal users.

Good day. I want to run the following list of daemons under normal user - for security reasons: saslauthd, couriertcpd, courierpop3login, authdaemond, spamd, logger could You please share Your opinion on how I can do that - as it is not clear from its running scripts where to specify it? Thank

Re: OT: how do You protect an email relay service?

Good day, Tomasz. Thank You for Your reply: >All others get greylisted: http://en.wikipedia.org/wiki/Greylisting Well. I guess it was not easy to prove before a boss such a practise? -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Re: How secure is vserver?

Good day, Izak. Thank You for Your reply: >Linux vserver shares the kernel between the various virtual hosts, a >little like BSD jails. There are restrictions on what one can do: not >even root can modify network interfaces or even create a node (using >mknod) or mount a filesystem, so breaking ou

How secure is vserver?

Good day. How secure is vserver? From http://linux-vserver.org/Welcome_to_Linux-VServer.org it is not clear to me: "guarantee the required security" as what are the requirements. Can You explain its isolation level? Say, If I place there a server, and one day it will be hacked so that the crimi

OT: how do You protect an email relay service?

Good day. If You use an email relay service, how do You protect it: VMs, iptables connections rate limit, ... ? Personally, I have a problem with email sending authorization - how I can separate the users that have not their boxes on our service and therefore I can ban their trials to pick up a

OT: Server protection strategy from evil doers - how to stop them.

exclude by its ranges - I risk to exclude goo users from our public services (web, email) others - the same is for the ISP nets - as their users can change their IPs easily. So... please, any suggestions. Thank You for Your time and effort. Best regards, Sthu Deus. -- To UNSUBSCRIBE, email to

Re: How safely to stop using backports repo?

Good day, Konstantin. Thank You for Your reply: >It will print the list of installed packages which have "~bpo" in their >names -- a common substring usually found in packages from >backports.org. You say "usually"... Then, I can miss a package and that one will remain a breach in my system... No

Re: How safely to stop using backports repo?

Good day, MARGUERIE. Thank You for Your reply: >Otherwise, you can `apt-get remove` them (plus --purge if you want to >reset your configuration files) and re-install them : that way you'll >use the main-repo version and you won't want have security problems >anymore. That decision I feared... Is

How safely to stop using backports repo?

Good day. I have packages installed from backports repo. Now I want to remove the repo from my source list and therefore use not any more packages from there. My question is on security stuff, as AFAIK I can get into a troublesome situation - in case of simply stopping using updates from the repo