Date: Mon, 7 Aug 2000 22:07:07 -0700 (PDT) From: Rick McGee <rickm@imbris.com> To: Matt Heckaman <matt@ARPA.MAIL.NET> Cc: FreeBSD-PORTS <freebsd-ports@FreeBSD.ORG>, FreeBSD-SECURITY <freebsd-security@FreeBSD.ORG> Subject: Re: pine 4.21 port issues? Message-ID: <Pine.BSF.4.21.0008072202170.20701-100000@wind.imbris.com> In-Reply-To: <Pine.BSF.4.21.0008080020001.86895-100000@epsilon.lucida.qc.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Matt, no it's ok and it works rather well. If you look up chmod the sticky bit this what you get. 1000 (the sticky bit) When set on a directory, unprivileged users can delete and rename only those files in the directory that are owned by them, regardless of the permissions on the directory. Under FreeBSD, the sticky bit is ignored for executable files and may only be set for directories Rick On Tue, 8 Aug 2000, Matt Heckaman wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > > I reinstalled the pine 4.21 port a few days ago and I suddenly was greated > with the following notice from it upon reading mail: > > [Mailbox vulnerable - directory /var/mail must have 1777 protection] > > This is a bad thing. The default permissions on FreeBSD for /var/mail are > root:mail 0775 which, in my opinion, is far better than 1777. I'm curious > as to why all of the sudden it is reporting the mailbox as 'vulnerable'. > > I've had a ton of users of mine freak out over this, and I must admit it's > odd. Pine aso has a new? depend on c-client4.7 which it did not have a few > months ago to my knowledge, as I have one pine build from March 19 that > does not have this depend or the mailbox warning. > > Since very little in FreeBSD is ever done without a reason, I'm curious as > to the reason for this. It seems..wrong to have a port report a vulnerable > mailbox on a default FreeBSD installation. I would like to apologize for > the cross-post, but I felt it relevent to both lists. If this is incorrect > please inform me so that I don't make the same mistake again :) > > Regards, > Matt Heckaman > > * Matt Heckaman - mailto:matt@lucida.qc.ca http://www.lucida.qc.ca/ * > * GPG fingerprint - A9BC F3A8 278E 22F2 9BDA BFCF 74C3 2D31 C035 5390 * > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.2 (FreeBSD) > Comment: http://www.lucida.qc.ca/pgp > > iD8DBQE5j4x1dMMtMcA1U5ARAvfvAJ45hV8wGtiHYj71fKwRjS0J4QC4oQCghwBh > 3Lbel2zCC95gG1UCLdfiLT8= > =qbUc > -----END PGP SIGNATURE----- > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008072202170.20701-100000>