From: Bill Moran
Date: Mon, 07 Jul 2003 12:12:03 -0400
To: quadrant
Cc: freebsd-questions@freebsd.org
Subject: Re: /var/mail question

quadrant wrote:
> I was temporarily using pine to retrieve my email, and upon exiting the
> program, pine notified me that the /var/mail directory was
> vulnerable, and advised a chmod 1777 of such. The default is 775.
> What are the implications of this, and won't 1777 make the folder more
> vulnerable? My understanding was that if the SUID bit is turned
> on for either U, G or O, that security is more at risk. Please
> let me know what I should do...

Read the man page for chmod.

The suid and sgid bits mean something different on directories than on files.
When set, they force all files created in that directory to be owned by the
owner of the directory. Again ... see the man page for more detail, as well
as (I believe) a description of how this helps security.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
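
An added example, not part of the original thread: a POSIX shell check that decodes which special bits an octal mode sets (the leading digit: 4 is setuid, 2 is setgid, 1 is sticky) and reports whether a directory is world-writable with or without the sticky bit, run against the two modes from the question. The function names `special_bits`, `audit_dir` and `demo` and the temporary directory are constructed for illustration.

```sh
#!/bin/sh
# Added example: names and paths below are constructed for illustration.

# special_bits MODE: print which special bits an octal mode (e.g. 1777) sets.
special_bits() {
    m=$((0$1))                      # leading 0 makes the shell read it as octal
    out=""
    if [ $((m & 04000)) -ne 0 ]; then out="$out setuid"; fi
    if [ $((m & 02000)) -ne 0 ]; then out="$out setgid"; fi
    if [ $((m & 01000)) -ne 0 ]; then out="$out sticky"; fi
    if [ -z "$out" ]; then out=" none"; fi
    echo "${out# }"
}

# audit_dir DIR: classify a directory by its "other" write bit and sticky bit,
# read from the permission string printed by ls -ld (e.g. drwxrwxrwt).
audit_dir() {
    perms=$(ls -ld "$1" | cut -c1-10)
    other_w=$(printf '%s' "$perms" | cut -c9)
    last=$(printf '%s' "$perms" | cut -c10)
    if [ "$other_w" != "w" ]; then
        echo "not-world-writable"
    elif [ "$last" = "t" ] || [ "$last" = "T" ]; then
        # entries removable only by their owner, the directory owner, or root
        echo "world-writable-sticky"
    else
        # any user with write access can remove or rename others' files
        echo "world-writable-no-sticky"
    fi
}

# Demo on a throwaway directory, using the two modes from the question.
demo() {
    d=$(mktemp -d)
    for mode in 775 1777; do
        chmod "$mode" "$d"
        echo "$mode: special bits = $(special_bits "$mode"); $(audit_dir "$d")"
    done
    rmdir "$d"
}
demo
```
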