Date: Tue, 9 Jan 2007 14:49:01 +1030 From: Malcolm Kay <malcolm.kay@internode.on.net> To: freebsd-questions@freebsd.org Cc: Jay Chandler <chandler@chapman.edu> Subject: Re: Permissions Question Message-ID: <200701091449.01739.malcolm.kay@internode.on.net> In-Reply-To: <45A2884F.7010405@chapman.edu> References: <45A2884F.7010405@chapman.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 9 Jan 2007 04:37 am, Jay Chandler wrote: > Sorry for the dumb question this morning-- caffeine hasn't yet > worked its wondrous magic upon my person. > > I've got a user who needs to be able to view (read only) the > aliases file. We'll grant him root access a few weeks after > the eventual heat-death of the universe, so how would you all > go about doing this? > > I've considered allowing him to run a local copy of the > praliases command, but that chokes on the /etc/mail/aliases > permissions... I am confused (or someone is). On all the FreeBSD systems I have immediate access to the file /etc/mail/aliases has the default permissions -rw-r--r--, in other words is readable by anyone. On the other hand /etc/mail/aliases.db is sometimes -rw-r----- and sometimes -rw-r--r-- but since it is only an encoded version of aliases and additional restrictions would seem useless. I can imagine some might object to reason setting either of these o+r, but this does seem to be the norm. Perhaps someone else has other views. Or perhaps this is some variation when using profix, qmail etc. in place of sendmail. Malcolm > > To complicate things, the file etc/mail/aliases is actually > an NFS mounted file shared between all our mx boxes, and he > only needs to access it from a designated machine. > > Thoughts? My apologies if this is unclear...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701091449.01739.malcolm.kay>