Date: Mon, 7 Jul 2003 17:06:21 +0100 From: Daniel Bye <dan@slightlystrange.org> To: freebsd-questions@freebsd.org Subject: Re: /var/mail question Message-ID: <20030707160620.GA78701@catflap.home.slightlystrange.org> In-Reply-To: <200307071159.51505.quadrant@apex.homedns.org> References: <200307071159.51505.quadrant@apex.homedns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--UlVJffcvxoiEqYs2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 07, 2003 at 11:59:51AM -0400, quadrant wrote: > I was temporarilly using pine to retrieve my email, and upon exiting the > program, pine notified me that the /var/mail directory was > vulnerable, and advised a chmod 1777 of such. The default is 775. > What are the implications of this, and won't 1777 make the folder more > vulnerable? My understanding was that if the SUID bit is turned > on for either U, G or O, that security is more at risk. Please > let me know what I should do... > Thanks, > Eric chmod 1777 turns on the sticky bit, as well as giving rwx permissions for all. This is the same as, for example, /tmp. The sticky bit tells the system to allow only the owner of a file to unlink that file. That is, although any user can create a file, only the user that created it may unlink it. With the default mode of 0775, any member of the group owner of the directory could delete files. However, provided you only have trusted users in that group, it shouldn't be a problem. I have never seen such warnings, so have never given it any thought. Dan --=20 Daniel Bye PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc PGP Key fingerprint: 3B9D 8BBB EB03 BA83 5DB4 3B88 86FC F03A 90A1 BE8F _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --UlVJffcvxoiEqYs2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/CZp8hvzwOpChvo8RAgTWAJ9LFRu2cjjUGyCnrzhF9dh05XRGJwCfaAaG JRcXNKM/auVwblmpqV7spTA= =ATML -----END PGP SIGNATURE----- --UlVJffcvxoiEqYs2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030707160620.GA78701>