Need help with mail security bug

George Rosenberg george at idis.UUCP
Mon Apr 2 02:06:26 AEST 1984


Errata to my article on
Security and Integrity Problems with Mail

That article contained the following caveat:

	"Everything here is based on my recall without going to
	the trouble of consulting sources or making tests."

I pointed out that several of the problems I mentioned
depended in part upon a writable mail spool directory.
(They did not all depend on this.)
I said:

	"I believe that the mail program was designed assuming
	that directory is publicly writable."

Henry Spencer pointed out (utzoo.3691) that regarding this assumption
I was confusing v7 /bin/mail with other versions of /bin/mail or other mailers.
I believe he was correct about this.
Apparently v7 /bin/mail does not make that assumption.
In order to correct my article the above sentence (two occurrences) should
be changed to:

	"I believe that mailer programs on some UNIX systems were
	designed assuming that directory is publicly writable.
	If you are certain that the mailers on your system
	do not need that directory to be publicly writable,
	you might want to protect the directory so that it is
	not publicly writable."

Delete the following sentence from that article.

	"This list, for the most part will refer to v7 /bin/mail."

The below sentences were in the article.

	"In such cases the protection of that file (mode)
	might be controlled by the person sending the mail.
	Combining this with 2. or 3. above could compromise
	the security (privacy) of that user's mail."

Change them to the below sentence.

	"In such cases the protection of that file (mode)
	might have some liberal value which could compromise
	the security (privacy) of that user's mail."

		George Rosenberg
		idis!george
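The two exposures this errata turns on, a publicly writable mail spool directory and mailbox files whose mode is too liberal, are what a defender would audit on a system. The script below is an added example, not part of the original post or of any mailer; the spool path, the warning wording and the reading of the sticky bit are assumptions.

```shell
#!/bin/sh
# Added audit script, not part of the original post: checks a mail spool
# directory for the two exposures the errata describes, a publicly writable
# spool directory and mailbox files whose mode lets other users read or
# modify them. The spool path is an assumption (/var/mail, /usr/spool/mail, ...).

# mode_of PATH: ls-style mode string, e.g. "drwxrwxrwt" (first 10 columns).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# audit_spool DIR: print one line per finding; return 0 if clean,
# 1 if anything was found, 2 if DIR does not exist.
audit_spool() {
    spool=$1
    findings=0
    [ -d "$spool" ] || { echo "audit_spool: $spool is not a directory" >&2; return 2; }
    # Column 9 of the mode string is the "other write" bit, column 10 the sticky
    # bit (which only stops renaming/removing other users' mailboxes).
    m=$(mode_of "$spool")
    case "$m" in
        ????????w[tT]) echo "WARN: $spool is publicly writable ($m; sticky bit set)"
                       findings=$((findings + 1)) ;;
        ????????w?)    echo "WARN: $spool is publicly writable ($m; no sticky bit)"
                       findings=$((findings + 1)) ;;
    esac
    # Each regular file in the spool is someone's mailbox. Column 8 is
    # "other read" (privacy), column 9 "other write" (integrity).
    for f in "$spool"/*; do
        [ -f "$f" ] || continue
        fm=$(mode_of "$f")
        case "$fm" in
            ???????rw*) echo "WARN: $f is readable and writable by everyone ($fm)"
                        findings=$((findings + 1)) ;;
            ???????r*)  echo "WARN: $f is readable by everyone ($fm)"
                        findings=$((findings + 1)) ;;
            ????????w*) echo "WARN: $f is writable by everyone ($fm)"
                        findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Stand-alone use: audit the directory named on the command line.
if [ $# -gt 0 ]; then audit_spool "$1"; fi
```

Group-readable mailboxes (for example a mail group that the delivery agent runs as) are deliberately not flagged here; widen the patterns to columns 5 and 6 if your site does not rely on that.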


