Mail Security and Locking Problems
wcs at hou2b.UUCP
wcs at hou2b.UUCP
Fri Jun 3 09:06:24 AEST 1983
Jay Lepreau points out that several programs under 4.1BSD create
their lock files in /usr/spool/mail. This implies that the
directory be writable, and hence I have a problem:
I am running a fairly old copy of 4.1BSD, so maybe this has been fixed.
When I send mail to "joe", and he doesn't have a /usr/spool/mail/joe
file, it is created with MY userid and umask permissions. Thus,
even if joe can read his mailfile, he probably can't write to it,
and neither can anyone but myself. The main time this problem
occurred was when joe read, and deleted, all his mail, and Mail
deleted the mailfile for him.
I had solved this by setting /usr/spool/mail to
dr-xr-xr-x owned by root, and creating mailfiles for all my users
with the appropriate ownership and permissions. This allowed them
to modify, but not delete, their files, and it seemed to work fine.
Do I now have to change this to allow lock files to be
created, and has this problem been fixed already?
Thanks; Bill Stewart
BTL-HO x0705
hou2b!hoscf!bin or
hou2b!hoscf!bill
More information about the Comp.unix.wizards
mailing list