Requirements:
1. Deleted files (say, qmail messages after pickup) are shredded upon 
deletion.  Immediately upon delete.  Since an application is performing 
the delete, I must assume "rm" is not being issued, so I can't 
substitute "shred" in its place.

2. Files owned by vpopmail:vchkpw can only be read by said user:group - 
this includes root.  We need to lock root (and every other user) out of 
the messages.

3. Encrypted file system to defend against physical theft.


#3 is easy.

#2 sounds like a job for SELinux.  Alternatives are welcome :)

What about #1?  Any ideas?

-- 
George Toft, CISSP, MSIS
623-203-1760

"That which does not kill us makes us stronger."

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss