Date:      Fri, 7 Jun 1996 20:19:02 +0400 (MSD)
From:      Андрей Чернов (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su>
To:        security@freebsd.org
Subject:   Re: FreeBSD's /var/mail permissions
Message-ID:  <199606071619.UAA00541@astral.msk.su>
In-Reply-To: <199606071251.FAA25052@precipice.shockwave.com> from "Paul Traina" at "Jun 7, 96 05:51:50 am"

>     If popper were the only problem, I'd consider choosing a
>     different directory for this temporary file to be created, such
>     as /var/tmp.  This leads to a new set of problems and I consider
>     it less secure than maintaining the file in /var/mail as we have
>     always done.

Popper is not the only problem; I remember that procmail and
elm use this feature too (but can work without it too).
It is a common technique to create a temporary mailbox in /var/mail
and rename it to the actual mailbox. This method avoids complex
locking during the rewriting window.

> Proposed solution:
>     I'm considering creating group "mail" and going the setgid route,
>     so that a program which creates files in /var/mail can be simply
>     setgid mail.
> 
>     This is a well understood mail directory protection mechanism
>     and employs the "principle of least privilege."

The adduser program MUST create the new user's mailbox in this case to avoid
pre-created mailboxes.
Now it only sends mail, which can be appended to a pre-created mailbox. :-(

-- 
Andrey A. Chernov        : And I rest so composedly,  /Now, in my bed,
ache@astral.msk.su       : That any beholder  /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me,  /Thinking me dead.
RELCOM Team,FreeBSD Team :         E.A.Poe         From "For Annie" 1849
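
The pre-created mailbox concern raised in the message above, as an added example that is not part of the original e-mail and is not FreeBSD's adduser code: a C helper an account-creation tool could call to create the mailbox itself and refuse any name that already exists. The function name `create_mailbox` and its result codes are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Result codes; these names are hypothetical, chosen for this example. */
enum { MBOX_CREATED = 0, MBOX_PRECREATED = 1, MBOX_ERROR = -1 };

/*
 * Create spool/user as an empty mailbox owned by uid:gid, mode 0600.
 * Never reuses an existing name: a file, symlink or anything else already
 * at that path is reported as MBOX_PRECREATED and left untouched.
 */
int create_mailbox(const char *spool, const char *user, uid_t uid, gid_t gid)
{
    char path[1024];
    struct stat st;
    int n, fd;

    /* A user name must be a single path component. */
    if (user[0] == '\0' || strchr(user, '/') != NULL)
        return MBOX_ERROR;
    n = snprintf(path, sizeof path, "%s/%s", spool, user);
    if (n < 0 || (size_t)n >= sizeof path)
        return MBOX_ERROR;

    /* O_CREAT|O_EXCL is atomic and fails with EEXIST if the name exists,
     * even when it is a dangling symlink, so nothing is ever followed. */
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0)
        return errno == EEXIST ? MBOX_PRECREATED : MBOX_ERROR;

    /* Work on the descriptor, not the path, so a swapped name cannot
     * redirect the ownership change. fchmod sets 0600 regardless of umask. */
    if (fchown(fd, uid, gid) != 0 || fchmod(fd, 0600) != 0 ||
        fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);
        unlink(path);
        return MBOX_ERROR;
    }
    close(fd);
    return MBOX_CREATED;
}
```

A caller that gets `MBOX_PRECREATED` for a brand-new account should stop and have the existing file inspected rather than deliver the welcome mail into it.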


