From owner-freebsd-security  Tue Jun 26  4:29:20 2001
Delivered-To: freebsd-security@freebsd.org
Received: from burka.carrier.kiev.ua (burka.carrier.kiev.ua [193.193.193.107])
	by hub.freebsd.org (Postfix) with ESMTP id D093937B401
	for <security@FreeBSD.ORG>; Tue, 26 Jun 2001 04:29:09 -0700 (PDT)
	(envelope-from netch@lucky.net)
Received: from netch@localhost (netch@localhost)
	by burka.carrier.kiev.ua  id OLC34556;
	Tue, 26 Jun 2001 14:28:53 +0300 (EEST)
	(envelope-from netch)
Date: Tue, 26 Jun 2001 14:28:53 +0300
From: Valentin Nechayev <netch@lucky.net>
To: Leonard Chung <leonard@ssl.berkeley.edu>
Cc: security@FreeBSD.ORG
Subject: Re: "Correct" permissions on /var/mail?
Message-ID: <20010626142853.B33308@lucky.net>
Reply-To: netch@lucky.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5.1.0.14.2.20010624140225.02d492f0@chung.yikes.com>
X-42: On
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

 Sun, Jun 24, 2001 at 14:11:54, leonard wrote about ""Correct" permissions on /var/mail?": 

> I was having a debate with a colleague the other day on the correct mode 
> for /var/mail. He claimed that 1777 is more secure than what I've always 
> had (the FreeBSD default of root:mail 775).

1777 has the only advantage that it doesn't require sgid privileges
for MUAs. But such solution is not less harmful due to new /tmp
in /var/mail. Better variant is to fix MUA to use separate locking program
(such as mutt-dotlock) or even get rid of /var/mail as ugly legacy.
Keep all incoming mail in user's home and "your teeth will be white
anf fluffy".

> 1777 gives you the additional benefit of protecting you from compromises on 
> the mail group, but requires that on every machine quotas be installed even 
> for machines with just one or two users. Without quotas, a malicious user 
> could fill up /var/mail creating a DoS for everybody receiving mail off 
> that machine. 775 doesn't protect against compromises of the mail group, 
> but has the added benefit that it protects against a user filling /var/mail 
> inadvertently as they would have to purposely send lots of e-mail.

Requirement to have /var/mail as separate partition is too hard for
most applications.


/netch

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message