[Users] password protection
info.mardorf at rocketmail.com
Fri Jan 29 07:41:35 CET 2016
On Fri, 29 Jan 2016 00:44:00 +0000, Kevin Chadwick wrote:
>> A family Linux computer where everybody is doing stuff, but the
>> email program of the user account (owner) be protected by password
>> (or some other way?) against misuse by nasty kids. The whole program
>> needs to be restriced, with all folders, not only downloading mails,
>> so just using the mailbox password is not an option. Any ideas how
>> to achieve this ?
>Sudo -u mailuser as Ralf said
>also you must chmod the claws mail directory and claws executable
>then all you have to worry about is a password logger running when you
>enter any password.
I've got two users, the user of the session
[rocketmouse at archlinux ~]$ grep rocketmouse /etc/passwd
and another user
[rocketmouse at archlinux ~]$ grep chuser /etc/passwd
the user of the session can't access the directory of the other user's
[rocketmouse at archlinux ~]$ ls -l /.chuser/.home/
ls: cannot open directory /.chuser/.home/: Permission denied
but I can run sylpheed as another user and the other user's sylpheed has
got access to the user's files ...
[rocketmouse at archlinux ~]$ chuser sylpheed
access control disabled, clients can connect from any host
access control enabled, only authorized clients can connect
[rocketmouse at archlinux ~]$ grep -v "#" /usr/local/bin/chuser
gksudo -u chuser "$*"
... because the other user is in the group of the session's user:
[rocketmouse at archlinux ~]$ id chuser
uid=1001(chuser) [snip] 1000(rocketmouse) [snip]
Some people guess xhost isn't needed when using gksudo, but it is.
Just running 'gksudo -u chuser sylpheed' will not open a sylpheed
Running 'xhost + && gksudo -u chuser sylpheed' does open a sylpheed
window. However, there's no need to run 'xhost +', you could specify a
More information about the Users