Date: Thu, 31 Oct 1996 04:59:27 -0500 (EST) From: "Marc G. Fournier" <scrappy@ki.net> To: Mark Crispin <MRC@CAC.Washington.EDU> Cc: chat@FreeBSD.org Subject: Re: /var/mail (was: re: Help, permission problems...) Message-ID: <Pine.NEB.3.95.961031045434.23033B-100000@quagmire.ki.net> In-Reply-To: <MailManager.846742911.17779.mrc@Tomobiki-Cho.CAC.Washington.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Oct 1996, Mark Crispin wrote: > > > 2) The sticky bit on the mail spool must be set; 1777, not 777. > > This is the cause of the DoS used as an example... > > It does, however, prevent bad guys from deleting other folks' mail. > So does 755... > > > 3) All users must have a mail file on the mail spool. > > > a) This must be done as a consequence of account creation. > > I don't believe any of the Unix variants actually do this in > > their adduser, do they? > > Ours does. > internally modified, or stock? what OS? > > so, you are suggesting that touch/<insert favorite editor here> be > > modified so as to not permit creating a file in /var/mail? > > No, that means making programs which access the spool run setuid/setgid. Some > UNIX variants do this. > a setuid touch command? Sorry, you've still kinda lost me on this, unless you are suggesting that the 'lock' against accessing spool is kernel based? > For what it's worth, I agree with you; NFS mounting mail spools is a terrible > idea, and that is precisely why I invented IMAP 11 years ago. > > Nevertheless, over half of the sites I support NFS mount their mail spools. > So it doesn't matter what your opinion (or mine) of NFS mounting mail spools > may be. NFS mounting the mail spool has to be made to work (as best as NFS > will permit). > Except, by "supporting" it in a piece of software that was designed so that NFS mounts aren't required in no way discourages the use of NFS mounted spool directories... Marc G. Fournier scrappy@ki.net Systems Administrator @ ki.net scrappy@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.95.961031045434.23033B-100000>