Date:      Sat, 08 Jun 1996 08:06:48 -0700
From:      Paul Traina <pst@shockwave.com>
To:        joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Cc:        security@freebsd.org, core@freebsd.org (FreeBSD core team)
Subject:   Re: FreeBSD's /var/mail permissions 
Message-ID:  <199606081506.IAA05615@precipice.shockwave.com>
In-Reply-To: Your message of "Sat, 08 Jun 1996 10:21:27 +0200." <199606080821.KAA11417@uriah.heep.sax.de>

Excellent point. :-(

  From: J Wunsch <j@uriah.heep.sax.de>
  Subject: Re: FreeBSD's /var/mail permissions
  As Paul Traina wrote:
  
  (No idea whether discussion did already take place, I'm not on the
  security list.  I suggest keeping -core as well.)
  
  > Proposed solution:
  >     I'm considering creating group "mail" and going the setgid route,
  >     so that a program which creates files in /var/mail can be simply
  >     setgid mail.
  > 
  >     This is a well understood mail directory protection mechanism
  >     and employs the "principle of least privilege."
  
  I don't think so.  Unlike SysV, you cannot chown a file to a user of
  your will except when being root.  So IMHO this does already mandate
  the programs that create mail folders to be setuid root.  Given this,
  there's no sense in using the group `mail' in addition.
  
  -- 
  cheers, J"org
  
  joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
  Never trust an operating system you don't have sources for. ;-)


