Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 7 Aug 2000 22:07:07 -0700 (PDT)
From:      Rick McGee <rickm@imbris.com>
To:        Matt Heckaman <matt@ARPA.MAIL.NET>
Cc:        FreeBSD-PORTS <freebsd-ports@FreeBSD.ORG>, FreeBSD-SECURITY <freebsd-security@FreeBSD.ORG>
Subject:   Re: pine 4.21 port issues?
Message-ID:  <Pine.BSF.4.21.0008072202170.20701-100000@wind.imbris.com>
In-Reply-To: <Pine.BSF.4.21.0008080020001.86895-100000@epsilon.lucida.qc.ca>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi Matt, no it's ok and it works rather well.
If you look up chmod the sticky bit this what you get.
1000    (the sticky bit) When set on a directory, unprivileged
users can delete and rename only those files in the directory that are owned by them, regardless of the
permissions on the directory.  Under FreeBSD, the sticky bit is ignored
for executable files and may only be set for directories  

Rick

On Tue, 8 Aug 2000, Matt Heckaman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello,
> 
> I reinstalled the pine 4.21 port a few days ago and I suddenly was greated
> with the following notice from it upon reading mail:
> 
> [Mailbox vulnerable - directory /var/mail must have 1777 protection]
> 
> This is a bad thing. The default permissions on FreeBSD for /var/mail are
> root:mail 0775 which, in my opinion, is far better than 1777. I'm curious
> as to why all of the sudden it is reporting the mailbox as 'vulnerable'.
> 
> I've had a ton of users of mine freak out over this, and I must admit it's
> odd. Pine aso has a new? depend on c-client4.7 which it did not have a few
> months ago to my knowledge, as I have one pine build from March 19 that
> does not have this depend or the mailbox warning.
> 
> Since very little in FreeBSD is ever done without a reason, I'm curious as
> to the reason for this. It seems..wrong to have a port report a vulnerable
> mailbox on a default FreeBSD installation. I would like to apologize for
> the cross-post, but I felt it relevent to both lists. If this is incorrect
> please inform me so that I don't make the same mistake again :)
> 
> Regards,
> Matt Heckaman
> 
> * Matt Heckaman   - mailto:matt@lucida.qc.ca  http://www.lucida.qc.ca/ *
> * GPG fingerprint - A9BC F3A8 278E 22F2 9BDA  BFCF 74C3 2D31 C035 5390 *
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.2 (FreeBSD)
> Comment: http://www.lucida.qc.ca/pgp
> 
> iD8DBQE5j4x1dMMtMcA1U5ARAvfvAJ45hV8wGtiHYj71fKwRjS0J4QC4oQCghwBh
> 3Lbel2zCC95gG1UCLdfiLT8=
> =qbUc
> -----END PGP SIGNATURE-----
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008072202170.20701-100000>