From owner-freebsd-current Wed Apr 10 14:47:29 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id OAA12283 for current-outgoing; Wed, 10 Apr 1996 14:47:29 -0700 (PDT)
Received: from mail.cs.tu-berlin.de (mail.cs.tu-berlin.de [130.149.17.13]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id OAA12271 for ; Wed, 10 Apr 1996 14:47:17 -0700 (PDT)
Received: from caramba.cs.tu-berlin.de (wosch@caramba.cs.tu-berlin.de [130.149.17.12]) by mail.cs.tu-berlin.de (8.6.12/8.6.12) with ESMTP id XAA19175; Wed, 10 Apr 1996 23:44:33 +0200
Received: (from wosch@localhost) by campa.panke.de (8.6.12/8.6.12) id UAA00395; Wed, 10 Apr 1996 20:57:09 +0200
Date: Wed, 10 Apr 1996 20:57:09 +0200
From: Wolfram Schneider
Message-Id: <199604101857.UAA00395@campa.panke.de>
To: "Rodney W. Grimes"
Cc: peter@jhome.DIALix.COM (Peter Wemm), current@freebsd.org
Subject: Re: /var/mail default permissions??
In-Reply-To: <199604100647.XAA15909@GndRsh.aac.dev.com>
References: <199604100556.NAA03118@jhome.DIALix.COM> <199604100647.XAA15909@GndRsh.aac.dev.com>
Reply-to: Wolfram Schneider
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Rodney W. Grimes writes:
>Though mail.local can be sure it does safe things in there, making this
>world writeable allows a very easy denial of service attack:
>cat /dev/zero >/var/mail/bigone  (now no one can get mail on the system
>:-().

$ cat /dev/zero > /var/mail/`whoami`
/: file system full

You can put any garbage (except EOF) into a mailbox

$ locate / | /usr/libexec/mail.local foo

Wolfram
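Added example, not part of the original message or of FreeBSD: a POSIX shell audit for the conditions raised in this thread, namely a world-writable spool directory, files in it that belong to no mailbox, and mailboxes large enough to threaten the file system. The function names, the size threshold, and the rule that a mailbox file is named after the user who owns it are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit a mail spool directory (assumed default /var/mail).

# spool_mode_risk DIR
# Prints "world-writable-no-sticky", "world-writable-sticky" or "restricted".
spool_mode_risk() {
    if [ -n "$(find "$1" -maxdepth 0 -perm -0002)" ]; then
        if [ -n "$(find "$1" -maxdepth 0 -perm -1000)" ]; then
            echo "world-writable-sticky"
        else
            echo "world-writable-no-sticky"
        fi
    else
        echo "restricted"
    fi
}

# oversized_mailboxes DIR LIMIT_KB
# Prints the names of regular files in DIR larger than LIMIT_KB KiB.
oversized_mailboxes() {
    find "$1" -maxdepth 1 -type f -size +"$2"k -exec basename {} \; | sort
}

# stray_mailboxes DIR
# Prints files whose name differs from the owning user's name, which is
# what a file such as "bigone" dropped by an arbitrary user looks like.
# Assumption: each legitimate mailbox is named after its owner.
stray_mailboxes() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        owner=$(ls -ld "$f" | awk '{print $3}')
        [ "$owner" = "$(basename "$f")" ] || basename "$f"
    done
}

# Run the audit only when a directory is given on the command line,
# e.g.  sh audit.sh /var/mail 51200   (50 MiB threshold, an assumed value).
if [ "$#" -gt 0 ]; then
    echo "mode: $(spool_mode_risk "$1")"
    echo "oversized (> ${2:-51200} KiB):"
    oversized_mailboxes "$1" "${2:-51200}"
    echo "stray files:"
    stray_mailboxes "$1"
fi
```

The size check matters even when the directory mode is restricted, since the second command in the message fills a mailbox through mail.local rather than by writing to the directory.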