Mail security
Steven M. Kramer
smk at linus.UUCP
Wed Jun 15 22:00:04 AEST 1983
I was going to stay out of this argument, but now I can't resist.
The 'readability' of a mail file is a compromise of security (if
such things are security-relevant things on your system).
The ability of someone to rm the mail file is not a loss of security
but rather a loss of data integrity.
To fix the security problem -- make MAILMODE ~600.
To fix the integrity problem, make the mail dir 755 (root)
and define the thing that doesn't remove mail when all read
(because ucbmail is not setuid).
--
--steve kramer
{allegra,genrad,ihnp4,utzoo,philabs,uw-beaver}!linus!smk (UUCP)
linus!smk at mitre-bedford (ARPA)
More information about the Comp.unix.wizards
mailing list