From owner-freebsd-current Wed Oct 30 16:18:46 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA11800 for current-outgoing; Wed, 30 Oct 1996 16:18:46 -0800 (PST) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA11788 for ; Wed, 30 Oct 1996 16:18:29 -0800 (PST) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id RAA24416; Wed, 30 Oct 1996 17:13:12 -0700 From: Terry Lambert Message-Id: <199610310013.RAA24416@phaeton.artisoft.com> Subject: Re: /var/mail (was: re: Help, permission problems...) To: dubois@primate.wisc.edu (Paul DuBois) Date: Wed, 30 Oct 1996 17:13:12 -0700 (MST) Cc: terry@lambert.org, current@FreeBSD.org In-Reply-To: <199610301618.KAA17123@night.primate.wisc.edu> from "Paul DuBois" at Oct 30, 96 10:18:50 am X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-current@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > It may be reasonable to expect fcntl() to work correctly, but it's > not necessarily true that you're going to *get* it. Witness this > note in the RELEASE_NOTES file from the sendmail distribution: > > Revert to using flock() whenever possible -- there are just > too many bugs in fcntl() locking, particularly over > NFS, that cause sendmail to fail in perverse ways. > > Also, perhaps I missed it in this discussion, but just what *is* > the security problem WRT having /var/mail set to 1777? % id uid=501(terry) gid=20(staff) groups=20(staff), 0(wheel), 552(ncvs) % touch /var/mail/dubois % chmod 644 !$ % ls -l !$ -rw-r--r-- 1 terry wheel 0 Oct 30 17:02 /var/mail/dubois % mail -s "pay me a dollar to unlock your mail" dubois < /dev/null Null message body; hope that's ok % Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.