From owner-freebsd-current  Thu Oct 31 03:56:16 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id DAA23156
          for current-outgoing; Thu, 31 Oct 1996 03:56:16 -0800 (PST)
Received: from parkplace.cet.co.jp (parkplace.cet.co.jp [202.32.64.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id DAA23144
          for <current@FreeBSD.org>; Thu, 31 Oct 1996 03:56:13 -0800 (PST)
Received: from localhost (michaelh@localhost) by parkplace.cet.co.jp (8.8.2/CET-v2.1) with SMTP id LAA27517; Thu, 31 Oct 1996 11:55:58 GMT
Date: Thu, 31 Oct 1996 20:55:58 +0900 (JST)
From: Michael Hancock <michaelh@cet.co.jp>
To: Terry Lambert <terry@lambert.org>
cc: Paul DuBois <dubois@primate.wisc.edu>, current@FreeBSD.org
Subject: Re: /var/mail (was: re: Help, permission problems...)
In-Reply-To: <199610310013.RAA24416@phaeton.artisoft.com>
Message-ID: <Pine.SV4.3.95.961031205150.27396C-100000@parkplace.cet.co.jp>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 30 Oct 1996, Terry Lambert wrote:

> > Also, perhaps I missed it in this discussion, but just what *is*
> > the security problem WRT having /var/mail set to 1777?
> 
> % id
> uid=501(terry) gid=20(staff) groups=20(staff), 0(wheel), 552(ncvs)
> % touch /var/mail/dubois
> % chmod 644 !$
> % ls -l !$
> -rw-r--r--  1 terry  wheel      0 Oct 30 17:02 /var/mail/dubois
> % mail -s "pay me a dollar to unlock your mail" dubois < /dev/null
> Null message body; hope that's ok
> %

The work around is to use mailer readers that truncate instead of remove
the file when all messages have been deleted or moved.

Regards,


Mike Hancock