From owner-freebsd-bugs  Thu Apr 13 10:10:44 1995
Return-Path: bugs-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id KAA21174
          for bugs-outgoing; Thu, 13 Apr 1995 10:10:44 -0700
Received: from gndrsh.aac.dev.com (gndrsh.aac.dev.com [198.145.92.241])
          by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id KAA21132
          ; Thu, 13 Apr 1995 10:10:38 -0700
Received: (from rgrimes@localhost) by gndrsh.aac.dev.com (8.6.8/8.6.6) id KAA10573; Thu, 13 Apr 1995 10:10:20 -0700
From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com>
Message-Id: <199504131710.KAA10573@gndrsh.aac.dev.com>
Subject: Re: /var/mail
To: mmead@goof.com (matthew c. mead)
Date: Thu, 13 Apr 1995 10:10:20 -0700 (PDT)
Cc: bugs@FreeBSD.org, FAQ@FreeBSD.org
In-Reply-To: <199504131521.LAA12090@goof.com> from "matthew c. mead" at Apr 13, 95 11:21:32 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 909       
Sender: bugs-owner@FreeBSD.org
Precedence: bulk

> 
>     /var/mail should be owner bin, group bin, permissions 775, so that packages
> like elm can write dot-lock files in /var/mail.

This has been gone over several times.  Use of dot-lock files for elm and
such mailers or for having site wide NFS mounted /var/mail is a site
decision and requires the relaxation of the permission on /var/mail.  Since
having /var/mail bin:bin 775 presents a possible security risk FreeBSD
as shipped keeps uses bin:bin 755.

You also must install elm sgid bin if you want the mode 775 stuff to
work, yet another potential security whole (and yes there have been
versions of elm that allowed you to ! out of them and become bin and
then go happely trash the whole system :-(.

Can some one please add this to a FAQ!!!

-- 
Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
Accurate Automation Company                   Custom computers for FreeBSD