Since the .qmail file is processed by the vpopmail user, any program I add to my .qmail will run as vpopmail. As a user with ftp access to my .qmail file, I could create a .qmail file that emailed a copy of ~vpopmail/etc/vpopmail.mysql to myself. I'm sure we can think of even worse scenarios, but won't share them on the list (we don't need script kiddies picking up the idea and running with it).
This is the main reason we've had to be careful with qmailadmin to make sure users can't create new program delivery lines when adding forwards. Unfortunately, we end up removing program delivery lines that weren't qmailadmin generated (like tmda (tdma?) stuff).
-- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/