Date: Sun, 9 Jun 1996 20:14:20 -0600 (MDT) From: Ade Barkah <mbarkah@hemi.com> To: taob@io.org (Brian Tao) Cc: security@freebsd.org Subject: Re: FreeBSD's /var/mail permissions Message-ID: <199606100214.UAA29892@hemi.com> In-Reply-To: <Pine.NEB.3.92.960609193309.8414E-100000@zap.io.org> from "Brian Tao" at Jun 9, 96 07:37:05 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Tao wrote: [re: KEEP_DROP_TEMP in QPOP 2.2] > > Actually, this is not needed. The same set of permissions which > > prevents QPOP from creating the .user.pop file also prevents it > > from removing the lock file. =-) > > It complains about not being able to remove the file though, > doesn't it? ... I don't think it does. It erases the file using (void)unlink(p->temp_drop); so it never checks for EACCESS. I should compile with KEEP_DROP_TEMP anyway, more efficient that way. > > popper[20737]: @remote-host: -ERR POP EOF received > > > > Any ideas why this might be happening ? ... > > Hrmmmm... I remember some sort of problem like that with an older > 2.1.x qpopper that forced me to go back to the cac.washington.edu > POP daemon. ... Maybe I'll try out this washington.edu daemon. Any security concerns with it ? Glancing at rfc1081, it's pretty tempting to write a tiny, secure, POP server implementing just the few mandatory commands. Thanks, -Ade ------------------------------------------------------------------- Inet: mbarkah@hemi.com - HEMISPHERE ONLINE - <http://www.hemi.com/> -------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606100214.UAA29892>