/bin/mail
pag at hao.UUCP
pag at hao.UUCP
Fri Jun 10 02:45:42 AEST 1983
Tim Mann complained about security gaps in having /bin/mail setuid
root. He proposed the following:
The only safe (?) way I know of to set things up is to create
a special "mail" group, make /bin/mail setgid to this group,
and arrange for the mail spool directory and mail files to be
group-writeable.
It seem this opens a new can of worms. If /bin/mail is setgid instead
of setuid, then all mail reading programs must be changed to not delete
empty mailboxes. This is because new mailboxes would then be created owned
by the sender (that old bugaboo), and you wouldn't be able to delete your
own mail (unless all mail reading programs were also setgid).
--peter
More information about the Comp.unix.wizards
mailing list