Date:      Wed, 10 Apr 1996 21:50:44 +0200 (MET DST)
From:      Ollivier Robert <roberto@keltia.freenix.fr>
To:        peter@jhome.DIALix.COM (Peter Wemm)
Cc:        current@FreeBSD.ORG
Subject:   Re: /var/mail default permissions??
Message-ID:  <199604101950.VAA04237@keltia.freenix.fr>
In-Reply-To: <199604100556.NAA03118@jhome.DIALix.COM> from Peter Wemm at "Apr 10, 96 01:56:20 pm"

It seems that Peter Wemm said:
> I thought /var/mail was supposed to be mode 1777 on BSD systems??

It should be 755 bin.bin (or better root.wheel or equivalent for more
security) since FreeBSD 1.something.

> mail.local was designed to work in that scenario and has specific code to
> make sure it's secure.. (granted, the net-2 mail.local may not have been
> solid, but the 4.4BSD mail.local has been secure since the encumbered
> release and later in the Lite releases)

The fact that mail.local is setuid-root should enable you to have only 755
permissions. procmail has the same rights so it is not a problem. Elm has
been working with the same setup with fcntl locking for a long time too.

drwxr-xr-x   2 bin     bin      512 Feb 10 19:33 mail/

-rwxr-xr-x  1 root  bin   406996 Mar  2 21:01 /usr/local/bin/elm
-rwsr-sr-x  1 root  mail   65536 Jun  8  1995 /usr/local/bin/procmail
-r-sr-xr-x  1 root  bin    12288 Feb 11 16:18 /usr/libexec/mail.local

The setgid mail for procmail is unnecessary, although it is installed this
way here.

-- 
Ollivier ROBERT    -=- The daemon is FREE! -=-    roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 2.2-CURRENT #11: Tue Apr  9 20:14:48 MET DST 1996
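
The point made in the message, that a setuid-root delivery agent is what makes a 755 spool workable, can be checked mechanically from `ls -l` output. The sh script below is an added example, not part of the original message: the function names `mode_to_octal` and `delivery_path` are hypothetical, and the sample lines are the listing quoted in the message.

```shell
#!/bin/sh
# Added example, not from the original message.

# Convert an ls(1) mode string such as "-r-sr-xr-x" to four octal digits (4555).
mode_to_octal() {
    m=$1 special=0 out=""
    for i in 0 1 2; do
        trip=$(printf '%s' "$m" | cut -c$((2 + i * 3))-$((4 + i * 3)))
        d=0
        case $trip in r??) d=$((d + 4)) ;; esac
        case $trip in ?w?) d=$((d + 2)) ;; esac
        case $trip in ??[xst]) d=$((d + 1)) ;; esac
        # s/S (setuid, setgid) and t/T (sticky) occupy the execute slot.
        case $trip in ??[sStT]) special=$((special + (4 >> i))) ;; esac
        out=$out$d
    done
    printf '%s%s\n' "$special" "$out"
}

# How can the agent (ls -l line $2) create files in the spool (ls -ld line $1)?
# Prints world-writable, setuid-root, setgid-group, or none.
delivery_path() {
    spool=$1 agent=$2
    set -- $spool; s_mode=$(mode_to_octal "$1"); s_group=$4
    set -- $agent; a_mode=$(mode_to_octal "$1"); a_owner=$3; a_group=$4
    s_other=${s_mode#???}; s_grp=${s_mode#??}; s_grp=${s_grp%?}
    a_special=${a_mode%???}
    if [ $((s_other & 2)) -ne 0 ]; then echo world-writable
    elif [ $((a_special & 4)) -ne 0 ] && [ "$a_owner" = root ]; then echo setuid-root
    elif [ $((a_special & 2)) -ne 0 ] && [ $((s_grp & 2)) -ne 0 ] &&
         [ "$a_group" = "$s_group" ]; then echo setgid-group
    else echo none
    fi
}

# Listing lines quoted from the message above.
SPOOL='drwxr-xr-x   2 bin     bin      512 Feb 10 19:33 mail/'
ELM='-rwxr-xr-x  1 root  bin   406996 Mar  2 21:01 /usr/local/bin/elm'
PROCMAIL='-rwsr-sr-x  1 root  mail   65536 Jun  8  1995 /usr/local/bin/procmail'
MAIL_LOCAL='-r-sr-xr-x  1 root  bin    12288 Feb 11 16:18 /usr/libexec/mail.local'

for line in "$ELM" "$PROCMAIL" "$MAIL_LOCAL"; do
    printf '%-12s %s\n' "$(delivery_path "$SPOOL" "$line")" "${line##* }"
done
```

With the setuid bit removed from the procmail line, the result becomes `none`: group mail has no write access to a bin.bin 755 spool, so the setgid bit contributes nothing there.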


