From owner-freebsd-current Thu Oct 31 15:33:52 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id PAA16707 for current-outgoing; Thu, 31 Oct 1996 15:33:52 -0800 (PST)
Received: from parkplace.cet.co.jp (parkplace.cet.co.jp [202.32.64.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA16702 for ; Thu, 31 Oct 1996 15:33:45 -0800 (PST)
Received: from localhost (michaelh@localhost) by parkplace.cet.co.jp (8.8.2/CET-v2.1) with SMTP id XAA02352; Thu, 31 Oct 1996 23:33:20 GMT
Date: Fri, 1 Nov 1996 08:33:20 +0900 (JST)
From: Michael Hancock
To: "Hr.Ladavac"
cc: terry@lambert.org, dubois@primate.wisc.edu, current@freebsd.org
Subject: Re: /var/mail (was: re: Help, permission problems...)
In-Reply-To: <199610311259.AA157886749@ws2301.gud.siemens.co.at>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 31 Oct 1996, Hr.Ladavac wrote:

> E-mail message from Michael Hancock contained:
> > On Wed, 30 Oct 1996, Terry Lambert wrote:
> >
> > > > Also, perhaps I missed it in this discussion, but just what *is*
> > > > the security problem WRT having /var/mail set to 1777?
> > >
> > > % id
> > > uid=501(terry) gid=20(staff) groups=20(staff), 0(wheel), 552(ncvs)
> > > % touch /var/mail/dubois
> > > % chmod 644 !$
> > > % ls -l !$
> > > -rw-r--r-- 1 terry wheel 0 Oct 30 17:02 /var/mail/dubois
> > > % mail -s "pay me a dollar to unlock your mail" dubois < /dev/null
> > > Null message body; hope that's ok
> > > %
> >
> > The work around is to use mailer readers that truncate instead of remove
> > the file when all messages have been deleted or moved.
>
> How about:
>
> user is not yet there, but will be ... or he didn't receive any mail yet.

Got me on the first one, but the prankster has to predict names. It's
probably acceptable for a lot of sites.

In the second case use an administrative program that sends mail each time
an account is created.

Regards,

Mike Hancock

BTW, I'm just playing devil's advocate. I like flock() and proper
permissions on /var/mail. What I really prefer is using procmail to
deliver to /home/%u/mail/mbox. This requires changes to pop3 and using
a mail reader that can look elsewhere more flexibly. Or just use imap and
pine.
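
An added example, not part of the original thread or any poster's code: a POSIX shell audit for the condition shown in the quoted transcript, reporting a spool directory that is writable by others, mailboxes owned by someone other than the account they are named after, and mailboxes named after accounts that do not exist. The function name `audit_spool`, the finding codes and the lookup against a passwd-format file are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): audit an mbox spool directory.
# Usage: audit_spool DIR [PASSWD_FILE]
# Finding codes and the passwd-file lookup are assumptions of this sketch;
# sites using NIS/LDAP accounts would need a different name-to-uid lookup.
audit_spool() {
    spool=$1
    passwd=${2:-/etc/passwd}
    found=0

    # Other-write on the directory (as with mode 1777) lets any local user
    # create a file under a name that belongs to someone else.
    dmode=$(ls -ldn "$spool" | awk '{print $1}')
    case $dmode in
        d???????w*) echo "WORLD_WRITABLE_DIR $spool"; found=1 ;;
    esac

    for f in "$spool"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case $name in *.lock) continue ;; esac   # skip dot-lock files

        # Numeric owner of the mailbox versus the uid registered for the
        # account the mailbox is named after.
        owner=$(ls -ldn "$f" | awk '{print $3}')
        want=$(awk -F: -v u="$name" '$1 == u { print $3; exit }' "$passwd")

        if [ -z "$want" ]; then
            # Mailbox for an account that does not exist (yet).
            echo "NO_ACCOUNT $f"; found=1
        elif [ "$owner" != "$want" ]; then
            # Mailbox created by someone other than its user.
            echo "WRONG_OWNER $f"; found=1
        fi
    done
    return $found
}

# Run directly: sh audit_spool.sh /var/mail
if [ $# -gt 0 ]; then
    audit_spool "$@"
fi
```

The function prints one finding per line and returns 1 if it printed any, so it can gate a periodic check.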