Gentoo Archives: gentoo-user

From: Walter Dnes <waltdnes@××××××××.org>
To: gentoo-user@l.g.o
Subject: Re: [SOLVED] Re: [gentoo-user] msmtp vs. nullmailer
Date: Mon, 20 Jul 2015 21:51:02
Message-Id: 20150720215031.GA22893@waltdnes.org
In Reply to: Re: [SOLVED] Re: [gentoo-user] msmtp vs. nullmailer by Mick
1 On Mon, Jul 20, 2015 at 06:49:00PM +0100, Mick wrote
2
3 > This is all good and dandy, but letting user "nobody" read your
4 > mail accoutn passwd may not be the safest approach to sending email
5 > messages from your machine.
6
7 I think you missed the point. The "NOPASSWD:" option means that this
8 one particular user "nobody" ***DOES NOT NEED THE ROOT PASSWORD*** to
9 execute this one particular command which normally requires "root" level
10 privileges. I repeat, it has no need for the password. This is done
11 with a sudoers entry like the following example.
12
13 michael michaelsmachine = (root) NOPASSWD: /usr/sbin/nullmailer
14
15 The only problem might be convincing your program that the mail
16 command is...
17
18 sudo /usr/sbin/nullmailer
19
20 You can tell it to run a script that contains that command. Having
21 passwords floating around on disk in clear text is a *BAD* idea. Some
22 "user friendly distros", like Ubuntu, let you run *ANY* command as root
23 if you prefix it with "sudo". That can be done with the keyword "ALL"
24
25 michael michaelsmachine = (root) NOPASSWD: ALL
26
27 I do not like it on general principle. It gives away the store as far
28 as security is concerned.
29
30 --
31 Walter Dnes <waltdnes@××××××××.org>
32 I don't run "desktop environments"; I run useful applications

Replies

Subject Author
Re: [SOLVED] Re: [gentoo-user] msmtp vs. nullmailer Mick <michaelkintzios@×××××.com>
Re: [SOLVED] Re: [gentoo-user] msmtp vs. nullmailer Alan McKinnon <alan.mckinnon@×××××.com>