From owner-freebsd-security Fri Jun 7 14:50:50 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA25897 for security-outgoing; Fri, 7 Jun 1996 14:50:50 -0700 (PDT) Received: from rocky.sri.MT.net (rocky.sri.MT.net [204.182.243.10]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id OAA25876 for ; Fri, 7 Jun 1996 14:50:46 -0700 (PDT) Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id PAA00803; Fri, 7 Jun 1996 15:50:41 -0600 Date: Fri, 7 Jun 1996 15:50:41 -0600 From: Nate Williams Message-Id: <199606072150.PAA00803@rocky.sri.MT.net> To: "Karl Denninger, MCSNet" Cc: pst@shockwave.com (Paul Traina), security@FreeBSD.org Subject: Re: FreeBSD's /var/mail permissions In-Reply-To: References: <199606072105.OAA00533@precipice.shockwave.com> Sender: owner-security@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Karl Denninger writes: > > Mail locking, to be effective, must be soley performed through the use of > > the flock() call on the mail file itself. > > > > Locking schemes relying on other mechanisms are not effective. > > > > Sorry. > > Mail locking, to be effective, must *work across machines* so that NFS > mounts of the mail directory work. > > flock() cannot be trusted to work in this environment, and in fact doesn't > even attempt to work on FreeBSD. > > Does this mean we should give up on using mail? Actually, *nothing* works reliably across NFS locks if you don't have lockd, and since FreeBSD doesn't (yet) have lockd you shouldn't have mailboxes that can be written to by multiple processes on different systems. There are *VERY* few systems (including most of Sun's) that implement reliable NFS file-locking well. Sun attempted it many times and failed. :( Nate