From owner-freebsd-security Sat Jun 8 16:26:43 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA05656 for security-outgoing; Sat, 8 Jun 1996 16:26:43 -0700 (PDT)
Received: from rocky.sri.MT.net (rocky.sri.MT.net [204.182.243.10]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA05650 for ; Sat, 8 Jun 1996 16:26:41 -0700 (PDT)
Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id RAA05044; Sat, 8 Jun 1996 17:26:32 -0600
Date: Sat, 8 Jun 1996 17:26:32 -0600
From: Nate Williams
Message-Id: <199606082326.RAA05044@rocky.sri.MT.net>
To: Mattias Pantzare
Cc: Андрей Чернов , pst@shockwave.com, security@FreeBSD.org
Subject: Re: FreeBSD's /var/mail permissions
In-Reply-To:
References: <199606080732.LAA00950@astral.msk.su>
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

> > > Why should adduser send any mail to anybody? Rather silly if you ask me.
> >
> > Because a bad guy can pre-create the upcoming user's mailbox with 666 permissions.
>
> Not if the adduser script creates it. To remove the option on sending a mail
> to the new user fills no function.

This assumes that 'adduser' is the only tool used to create passwords, which it
isn't by any stretch of the imagination. Closing the hole by "forcing" people
to add users with a tool that doesn't necessarily reflect local policy is not a
good solution.

Nate
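An added example, not from this thread or from FreeBSD's own tools, of the kind of check a site can run no matter which tool creates accounts: a POSIX sh function that walks a spool directory and reports mailboxes whose owner does not match the file name, or that other users can read or write, which covers the pre-created 666 mailbox described above. The spool path and the convention that a mailbox file is named after its owning user are assumptions.

```shell
#!/bin/sh
# audit_mail_spool DIR
# Walk DIR (assumed to be a /var/mail-style spool where each mailbox file is
# named after the user who owns it) and report files that look pre-created or
# exposed: owner differs from the file name, or any "other" permission bit is
# set. Prints one line per finding; returns 0 for a clean spool, 1 otherwise.
audit_mail_spool() {
    dir=$1
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue            # empty dir or non-file entries
        name=${f##*/}
        # POSIX ls -l layout: mode links owner group size date... name
        set -- $(ls -ld "$f")
        mode=$1
        owner=$3
        if [ "$owner" != "$name" ]; then
            printf '%s: owned by %s, not %s (pre-created?)\n' "$f" "$owner" "$name"
            rc=1
        fi
        # characters 8-10 of the mode string are the "other" rwx bits
        other=$(printf '%s' "$mode" | cut -c8-10)
        if [ "$other" != "---" ]; then
            printf '%s: mode %s is accessible to other users\n' "$f" "$mode"
            rc=1
        fi
    done
    return $rc
}
```

Run it as `audit_mail_spool /var/mail` from cron or a login hook; a non-zero exit flags a spool that needs a look before the next account is created.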