HPE Community
Operating System - HP-UX
1825795 Members
3150 Online
109687 Solutions
New Discussion

Re: user without email

 
SOLVED
Go to solution
Thomas Schler_1
Trusted Contributor

‎03-04-2002 09:38 AM

‎03-04-2002 09:38 AM

user without email

How would you create a user account running rksh with following features:

o The user must be able to receive and read mails sent to him.

o The user is not allowed to send any mail.

Any suggestions? OS is HP-UX 10.20.
no users -- no problems
0 Kudos
Reply
8 REPLIES 8
harry d brown jr
Honored Contributor

‎03-04-2002 09:43 AM

‎03-04-2002 09:43 AM

Re: user without email

Why not ".forward" their unix mail to another mail server so they don't need the login to that machine?

You'd have to do quite a lot to restrict them from using "mail" if you give them access to a shell prompt. It's not worth the effort, use the ".forward"!

live free or die
harry
Live Free or Die
0 Kudos
Reply
Thomas Schler_1
Trusted Contributor

‎03-04-2002 09:55 AM

‎03-04-2002 09:55 AM

Re: user without email

Harry: Just try to answer my question without asking another one. Just think off
forwarding is no option.

Any other suggestion?
no users -- no problems
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎03-04-2002 10:01 AM

‎03-04-2002 10:01 AM

Solution

Re: user without email

You make sure there are no mailers in their path, then allow them to view their mail via "more" on the file. Put a symbolic link in their account pointing to the mail file.

live free or die
harry
Live Free or Die
Reply
Sanjay_6
Honored Contributor

‎03-04-2002 10:03 AM

‎03-04-2002 10:03 AM

Re: user without email

Hi Thomas,

If the user is able to read his emails, he can send emails too. there is no choice. You can withdraw the read permission for the user from reading emails by making the user mail file /var/mail/user_name non-readable by the user. But you cannot block him from sending emails.

Hope this helps.

Regds
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎03-04-2002 10:06 AM

‎03-04-2002 10:06 AM

Re: user without email

Thomas,

Using perl, you can easy "parse" the messages:

http://perl.oreilly.com/news/perladmin_0700.html


live free or die
harry
Live Free or Die
0 Kudos
Reply
Mark Greene_1
Honored Contributor

‎03-04-2002 10:20 AM

‎03-04-2002 10:20 AM

Re: user without email

you also have to make sure that the user does not have rights to run sendmail, mailx, mail, elm, or any other mail program on your system.

A semi-sophisticated way to accomplish what you ask is to cron a script that runs mailx or mail or whatever, reads the mail, and saves it to a file that the user has read access to. The downside is that mail it not "real-time" for the user in question, but if they cannot send, how much of a need is that?

But, Harry made a valid point in that if you are running exchange or groupwise or some pc-based mail system, you can set the .forwards to route the mail for that user there.

HTH
mark
the future will be a lot like now, only later
Reply
Sanjay_6
Honored Contributor

‎03-04-2002 10:30 AM

‎03-04-2002 10:30 AM

Re: user without email

Hi,

Even if the mailer like elm, mailx is not in the user path, the user can use the absolute path to access the mailer.

Hope this helps.

Regds
Reply
harry d brown jr
Honored Contributor

‎03-04-2002 10:41 AM

‎03-04-2002 10:41 AM

Re: user without email

Actually in "rksh", if it's not in your path, you aren't executing it. UNLESS you know how to CHEAT:

$ /tmp/a.out
rksh: /tmp/a.out: restricted
$

vi himom
:!/tmp/a.out
0.73[Hit return to continue]

or better yet:

vi himom
:!/usr/bin/ksh
$ ps
PID TTY TIME COMMAND
11153 pts/1 0:00 ksh
11269 pts/1 0:00 vi
11287 pts/1 0:00 vi
11329 pts/1 0:00 ps
11327 pts/1 0:00 ksh
11150 pts/1 0:00 rlogind
11170 pts/1 0:00 rksh
11280 pts/1 0:00 ksh
$

and I'm no longer restricted! Imagine taking "/usr/bin" out of a users path? (for vi and more)



live free or die
harry
Live Free or Die
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.