From owner-freebsd-security  Fri Jun  7 15:35:14 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id PAA29849
          for security-outgoing; Fri, 7 Jun 1996 15:35:14 -0700 (PDT)
Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA29836
          for <security@freebsd.org>; Fri, 7 Jun 1996 15:35:11 -0700 (PDT)
Received: from shockwave.com (localhost.shockwave.com [127.0.0.1]) by precipice.shockwave.com (8.7.5/8.7.3) with ESMTP id PAA00814; Fri, 7 Jun 1996 15:34:04 -0700 (PDT)
Message-Id: <199606072234.PAA00814@precipice.shockwave.com>
To: Nate Williams <nate@sri.MT.net>
cc: Barnacle Wes <softweyr@xmission.com>, security@freebsd.org
Subject: Re: FreeBSD's /var/mail permissions 
In-reply-to: Your message of "Fri, 07 Jun 1996 15:07:19 MDT."
             <199606072107.PAA00612@rocky.sri.MT.net> 
Date: Fri, 07 Jun 1996 15:34:04 -0700
From: Paul Traina <pst@shockwave.com>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Their locking systems are irrelevant if they do not cooperate with
mail.local.


  From: Nate Williams <nate@sri.MT.net>
  Subject: Re: FreeBSD's /var/mail permissions 
  > Mail locking, to be effective, must be soley performed through the use of
  > the flock() call on the mail file itself.
  > 
  > Locking schemes relying on other mechanisms are not effective.
  
  Locking schemes relying on flock() are not effective either, so that's
  why most MUA's I know of use lock files.
  
  You'll have to convince *them* that flock() is adequate, although I've
  yet to be convinced as well.  'flock()' is broken on too many systems to
  be considered reliable.
  
  
  Nate