/usr/mail/username protections
Rodian Paul
rpaul at crow.UUCP
Wed Mar 27 16:49:15 AEST 1991
> I now have umask 077 in /etc/stdcshrc so that mbox in the user's dir
> gets no privs for group, but /usr/mail/username files get g:rw !!
> Why is this and how can I prevent any group privs?
>
You need to modify /etc/cshrc and /etc/profile to set up default umasks.
The std files are for copying to new accounts.
So what if /usr/mail/userid files are group rw. How many of your users belong
to the group mail?
Besides, if you type:
% Mail -u userid
you can read (but not modify) the users mail. This is standard BSD mail as
far as I know.
I assume that because /bin/mail /usr/sbin/Mail are set-group mail, that
allows you to read other peoples mail files. However you can't read their
~/mbox files unless they aren't 600.
> I also find some length 0 /usr/mail/username files out there, but
> when I read my newmail and quit, mine gets deleted. Do I assume that
> adduser creates a zero sized file for the user, but when it gets used
> it gets deleted? If I can coerce the file to remain even if zero length,
> at least I can forever put the "correct" protections on existing ones.
>
This I also find a little perplexing. Because /usr/mail is a symbolic link
on all of our machines to a server, I assume that the NFS file-locking
bug is the culprit, but I'm not sure.
-------------------------------------------------------------------------------
crow!rpaul at ccut.cc.u-tokyo.ac.jp phone: +81 (3) 5706-8357
ccut.cc.u-tokyo.ac.jp!crow!rpaul FAX: +81 (3) 5706-8437
More information about the Comp.sys.sgi
mailing list