Date: Wed, 30 Oct 1996 17:13:12 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: dubois@primate.wisc.edu (Paul DuBois) Cc: terry@lambert.org, current@FreeBSD.org Subject: Re: /var/mail (was: re: Help, permission problems...) Message-ID: <199610310013.RAA24416@phaeton.artisoft.com> In-Reply-To: <199610301618.KAA17123@night.primate.wisc.edu> from "Paul DuBois" at Oct 30, 96 10:18:50 am
next in thread | previous in thread | raw e-mail | index | archive | help
> It may be reasonable to expect fcntl() to work correctly, but it's > not necessarily true that you're going to *get* it. Witness this > note in the RELEASE_NOTES file from the sendmail distribution: > > Revert to using flock() whenever possible -- there are just > too many bugs in fcntl() locking, particularly over > NFS, that cause sendmail to fail in perverse ways. > > Also, perhaps I missed it in this discussion, but just what *is* > the security problem WRT having /var/mail set to 1777? % id uid=501(terry) gid=20(staff) groups=20(staff), 0(wheel), 552(ncvs) % touch /var/mail/dubois % chmod 644 !$ % ls -l !$ -rw-r--r-- 1 terry wheel 0 Oct 30 17:02 /var/mail/dubois % mail -s "pay me a dollar to unlock your mail" dubois < /dev/null Null message body; hope that's ok % Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610310013.RAA24416>