[Users] password protection

Ralf Mardorf info.mardorf at rocketmail.com
Fri Jan 29 07:41:35 CET 2016

On Fri, 29 Jan 2016 00:44:00 +0000, Kevin Chadwick wrote:
>> A family Linux computer where everybody is doing stuff, but the
>> email program of the user account (owner) be protected by password
>> (or some other way?) against misuse by nasty kids. The whole program
>> needs to be restriced, with all folders, not only downloading mails,
>> so just using the mailbox password is not an option. Any ideas how
>> to achieve this ?  
>Sudo -u mailuser as Ralf said
>also you must chmod the claws mail directory and claws executable
>then all you have to worry about is a password logger running when you
>enter any password.

I've got two users, the user of the session

[rocketmouse at archlinux ~]$ grep rocketmouse /etc/passwd

and another user

[rocketmouse at archlinux ~]$ grep chuser /etc/passwd

the user of the session can't access the directory of the other user's
sylpheed files

[rocketmouse at archlinux ~]$ ls -l /.chuser/.home/
ls: cannot open directory /.chuser/.home/: Permission denied

but I can run sylpheed as another user and the other user's sylpheed has
got access to the user's files ...

[rocketmouse at archlinux ~]$ chuser sylpheed
access control disabled, clients can connect from any host
access control enabled, only authorized clients can connect
[rocketmouse at archlinux ~]$ grep -v "#" /usr/local/bin/chuser

xhost +
gksudo -u chuser "$*"
xhost -

... because the other user is in the group of the session's user:

[rocketmouse at archlinux ~]$ id chuser
uid=1001(chuser) [snip] 1000(rocketmouse) [snip]

Some people guess xhost isn't needed when using gksudo, but it is.

Just running 'gksudo -u chuser sylpheed' will not open a sylpheed

Running 'xhost + && gksudo -u chuser sylpheed' does open a sylpheed
window. However, there's no need to run 'xhost +', you could specify a

More information about the Users mailing list