Date: Wed, 31 Mar 1999 19:47:04 +0100 From: Robin Melville <robmel@innotts.co.uk> To: Dom Mitchell <Dom.Mitchell@palmerharvey.co.uk>, Rahul Dhesi <dhesi@rahul.net> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: 'make installworld' makes /var/mail world-not-writable Message-ID: <l03130300b3281d08ade5@[172.16.17.20]> In-Reply-To: <E10SGEX-0005Kj-00@voodoo.pandhm.co.uk> References: Rahul Dhesi's message of "Tue, 30 Mar 1999 18:58:49 -0800" <199903310258.AA09076@waltz.rahul.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 9:20 am +0100 31/3/99, Dom Mitchell wrote: >On 30 March 1999, Rahul Dhesi proclaimed: >> "Chad R. Larson" <chad@freebie.dcfinc.com> writes: [...] >> But what if it's just an NFS client and some other server exports >> /var/mail to it, and there are a bunch of other clients that all use >> .lock files on that filesystem? >> >> Unlike / and /usr and /etc, which can be considered private to each >> machine, /var/mail is much more likely to be a global filesystem with a >> site-wide, not machine-specific, file locking policy and permissions. > >Nope. Anybody using an NFS mounted /var/mail gets what they deserve. >Use POP3, IMAP and SMTP and stop worrying about things. Yes, it's seriously bad news to allow NFS access to anything that should opened by setgid or setuid daemons. Even if rpc.lockd did work in FreeBSD its a security nightmare. Forward mail to the local MTA, allow remote MUA's to use the remote protocols. The only way... Regards Robin. ---------------------------------------------------------------------- Robin Melville, Addiction Information Services Nottingham Alcohol & Drug Team Tel: +44 (0)115 952 9478 Fax: +44 (0)115 952 9421 work: robmel@nadt.org.uk home: robmel@innotts.co.uk Pages: http://www.innotts.co.uk/~robmel (home page) http://www.innotts.co.uk/nadt (substance misuse pages) ---------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?l03130300b3281d08ade5>