Date: Mon, 15 Sep 1997 22:23:42 -0700 (PDT) From: Doug White <dwhite@gdi.uoregon.edu> To: Paul Dekkers <paul@nev.ml.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IMAP Message-ID: <Pine.BSF.3.96.970915222237.3096R-100000@localhost> In-Reply-To: <Pine.LNX.3.96.970914120342.172B-100000@gromit.nev.ml.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 14 Sep 1997, Paul Dekkers wrote: > >Oh, the other part of it is make it owned by bin:bin. > > > >drwxrwxr-x 2 bin bin 512 May 20 14:31 mail/ > > > >This way sendmail et.al. can write stuff in there, but run as someone > >other than bin, such as a user. But not just anyone can dump stuff in > >there. > > I tried, but I thought imap wanted to create the lockfiles with the user > as owner?! At least, when I changed mail's perms to bin.users and > drwxrwxr-x theproblem disappeared... Okay, it may depend on who owns imapd. > >I made that change after the IMAP problem; they had some suggestions for > >setting up /var/mail perms for best results. > > by another way; isn't imap really unsafe? as a normal user I can view the > root filesystem, even with no shell or ftp account!? (and also when I've > an account with limited root) There was a security problem with imap that is fixed in the latest release. So what if I can see /? I'd have a heck of a time if I couldn't. You shouldn't put anything important in there anyway. If I can write to it, that is a bigger problem.. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major Spam routed to /dev/null by Procmail | Death to Cyberpromo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970915222237.3096R-100000>