Date: Sat, 8 Jun 1996 11:32:35 +0400 (MSD) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> To: pantzer@ludd.luth.se (Mattias Pantzare) Cc: pst@shockwave.com, security@FreeBSD.org Subject: Re: FreeBSD's /var/mail permissions Message-ID: <199606080732.LAA00950@astral.msk.su> In-Reply-To: <Pine.SUN.3.91.960607232129.10242A-100000@father.ludd.luth.se> from "Mattias Pantzare" at "Jun 7, 96 11:22:54 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > I'm confused, why do you say adduser must create new user mailbox? > > Mail.local is already suid root and adduser should deliver a preformatted > > mail message with mail.local. > > Why should adduser send any mail to anybody? Rather silly if you ask me. Because bad guy can pre-create upcoming user mailbox with 666 permissions. -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606080732.LAA00950>