Re: [PLUG] webhosting question again

epike on Thu, 14 Nov 2002 11:30:07 -0500

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] webhosting question again

From: epike@isinet.com

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] webhosting question again

Date: Thu, 14 Nov 2002 11:20:49 -0500 (EST)

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

> > > > for example lets say theres a webmail application, > > which reads mail from the sendmail spool (give apache > > appropriate permissions). Therefore > > other users can read anything in that spool too > > if they can write cgi-bin, specifying absolute > > pathnames! > > > > am i thinking correctly or am i missing something? > > any insight on industry standard practice on this > > aspect? > > > > Most webmail applications use either IMAP or POP3 to access the mail > spools. This keeps them locally secure but web accessable. Ok this means that at runtime apache reads mail on demand by reading to/from the mail server. This sounds good enough. But I'll have to make sure that the web mail application does not store message queue of its own and drops it into the filesystem. Thanks for the info. e pike _________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug

References:

Re: [PLUG] webhosting question again
From: Martin DiViaio <scatterbrained@usermail.com>

Prev by Date: Re: [PLUG] webhosting question again

Next by Date: Re: [PLUG] Ldap Auth and debian

Previous by thread: Re: [PLUG] webhosting question again

Next by thread: Re: [PLUG] evolution/devolution

Index(es):

Date

Thread