From owner-freebsd-questions@FreeBSD.ORG Mon Jul 7 09:13:05 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0177B37B404 for ; Mon, 7 Jul 2003 09:13:05 -0700 (PDT) Received: from pop015.verizon.net (pop015pub.verizon.net [206.46.170.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id D04F843FAF for ; Mon, 7 Jul 2003 09:13:01 -0700 (PDT) (envelope-from cswiger@mac.com) Received: from mac.com ([141.149.47.46]) by pop015.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030707161301.GWIO20810.pop015.verizon.net@mac.com>; Mon, 7 Jul 2003 11:13:01 -0500 Message-ID: <3F099C0D.9040900@mac.com> Date: Mon, 07 Jul 2003 12:13:01 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: en-us, en MIME-Version: 1.0 To: quadrant References: <200307071159.51505.quadrant@apex.homedns.org> In-Reply-To: <200307071159.51505.quadrant@apex.homedns.org> X-Enigmail-Version: 0.76.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at pop015.verizon.net from [141.149.47.46] at Mon, 7 Jul 2003 11:13:00 -0500 cc: freebsd-questions@freebsd.org Subject: Re: /var/mail question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2003 16:13:05 -0000 quadrant wrote: > I was temporarilly using pine to retrieve my email, and upon exiting the > program, pine notified me that the /var/mail directory was > vulnerable, and advised a chmod 1777 of such. The default is 775. > What are the implications of this, and won't 1777 make the folder more > vulnerable? My understanding was that if the SUID bit is turned > on for either U, G or O, that security is more at risk. Please > let me know what I should do... Permission 1777 involves the "sticky" bit, which is used for /tmp, not setuid or setgid: STICKY DIRECTORIES A directory whose `sticky bit' is set becomes an append-only directory, or, more accurately, a directory in which the deletion of files is restricted. A file in a sticky directory may only be removed or renamed by a user if the user has write permission for the directory and the user is the owner of the file, the owner of the directory, or the super-user. This feature is usefully applied to directories such as /tmp which must be publicly writable but should deny users the license to arbitrarily delete or rename each others' files. I think the stock BSD permissions of 775 imply that the LDA must be running as root in order to perform local delivery. The other type of mail configuration (used by SysV-style Unices) involves 770 permissions and having the LDA be setgid to "mail". -- -Chuck