Hello Doug, Monday, October 01, 2001, 5:48:20 PM, you wrote: Permissions on vpopmail binaries is 711. for example,
-rwx--x--x 1 vpopmail vchkpw 117721 Sep 30 08:30 /home/vpopmail/bin/vadduser And if i try under user account to view contents of this binary it will says me "permission denied"; [EMAIL PROTECTED]:/home/inbos $ id uid=2041(inbos) gid=2041(inbos) groups=2041(inbos), 1007(users) [EMAIL PROTECTED]:/home/inbos $ strings /home/vpopmail/bin/vadduser /usr/libexec/elf/strings: /home/vpopmail/bin/vadduser: Permission denied [EMAIL PROTECTED]:/home/inbos $ cat /home/vpopmail/bin/vadduser cat: /home/vpopmail/bin/vadduser: Permission denied [EMAIL PROTECTED]:/home/inbos $ DL> Hi, DL> I've been looking into using MySQL instead of CDB for VPopMail, but I DL> noticed that the MySQL username and password were stored in the DL> binaries. This is a significant problem for me, since any user could do DL> `strings vchkpw` and find the username/password to connect to MySQL. DL> I realize that I can setup a username/password that only has access to the DL> VPopMail data, but even that is too much access, IMHO. DL> Are there plans to store this information in a config file that can be set DL> to only be read by the VPopMail user/group? DL> thanks, DL> -dougl DL> ____________________________________________________________ DL> Doug Ledbetter -- Hagen Software, Inc. DL> [EMAIL PROTECTED] ------------ With respect, Yuri A. Kabaenkov [EMAIL PROTECTED]