Date: Tue, 1 Apr 1997 10:55:36 -0500 (EST) From: James FitzGibbon <james@nexis.net> To: Michael Beckmann <beckmann@nacamar.de> Cc: ports@freebsd.org Subject: Re: imapd and /var/mail permissions Message-ID: <Pine.BSF.3.95q.970401105154.16973A-100000@nexis.net> In-Reply-To: <3.0.1.32.19970401140206.0097d7e0@mail.nacamar.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Apr 1997, Michael Beckmann wrote: > This software is designed to run without privileges. The mail spool > directory should be protected 1777; that is, with world write and the sticky > bit. Of course, mail *files* should be protected 600! > ----------------------------------------------------------------------------- > > I don't like having permissions set to 1777 on /var/mail . Anyone have a > proposal how to properly deal with this ? Same here. My quick fix was to hack the code to create locks in /var/locks/ instead of /var/mail (which was mode 1777). This worked for mailboxes, but imapd also insists on locking $HOME/mbox, which my hack didn't account for. What is needed (and really this should be backported into the UW distribution) is to change locks so that requests to lock /var/mail/$USER create locks as /var/locks/imap/$USER.host.time.pid and requests to lock /home/$USER/mbox creates locks in the home directory, or better still as /var/locks/imap/$USER.mbox.host.time.pid Any coders up to the task ? It's all in src/osdep/unix/bezerk.c, in the bezerk_lock() function. -- j.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970401105154.16973A-100000>