Date: Thu, 31 Oct 1996 20:55:58 +0900 (JST) From: Michael Hancock <michaelh@cet.co.jp> To: Terry Lambert <terry@lambert.org> Cc: Paul DuBois <dubois@primate.wisc.edu>, current@FreeBSD.org Subject: Re: /var/mail (was: re: Help, permission problems...) Message-ID: <Pine.SV4.3.95.961031205150.27396C-100000@parkplace.cet.co.jp> In-Reply-To: <199610310013.RAA24416@phaeton.artisoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Oct 1996, Terry Lambert wrote: > > Also, perhaps I missed it in this discussion, but just what *is* > > the security problem WRT having /var/mail set to 1777? > > % id > uid=501(terry) gid=20(staff) groups=20(staff), 0(wheel), 552(ncvs) > % touch /var/mail/dubois > % chmod 644 !$ > % ls -l !$ > -rw-r--r-- 1 terry wheel 0 Oct 30 17:02 /var/mail/dubois > % mail -s "pay me a dollar to unlock your mail" dubois < /dev/null > Null message body; hope that's ok > % The work around is to use mailer readers that truncate instead of remove the file when all messages have been deleted or moved. Regards, Mike Hancock
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SV4.3.95.961031205150.27396C-100000>