Re: [Nss-mysql-users] exim and SMTP AUTH

[Marcin Sochacki]

On Sat, Nov 30, 2002 at 05:39:50PM +0100, Guillaume Morin wrote:
> If you want, I can send you a simple patch which will allow you to use
> the shadow group.

Please do. I think more people could also make use of it, so this could
be sent to the list.

> > 2) can I cache shadow information with nscd?
> 
> I don't think nscd caches shadow information. It would be very useful
> since I do not know any programs which use getspent().

I guess you meant "It wouldn't be very useful"?

> Yes you could do that. Well, if you authorize the nss user to read only
> the necessary columns, users won't be able to get more information than
> /etc/passwd.

I know, but in some cases /etc/passwd gives really too much information
about other users on the system. If you have trusted users only -- that's
OK, but in hostile environment a bad guy could e.g. use the information to
create a spam database and sell it to other spammers.
That's what I really want to prevent and that's why I want the config file
not world-readable, and nscd becomes obligatory.

> >    Is nscd stable enough so I can safely use it on a server with ~3000
> >    shell accounts? I've heard it sometimes dies unexpectedly -- is it a myth
> >    or truth?
> 
> See above.

In the view of my system, where I have to use nscd, could you re-read the
above question and state your opinions, please?

> Not that I am aware of. But if you write some, please send them to me,
> I'll include them in the distribution.

All right, I will.

Marcin

-- 
Windows 2000: A reliable comprehensive and integrated operating system
              platform delivering seamless interoperability, scalability,
              and performance, and broad application support.
Open Source:  No f*ing buzzwords.