Re: Permissions of /var/spool/mail

To: rainer.dorsch@informatik.uni-stuttgart.de, debian-devel@lists.debian.org
Cc: sgersten@ramona.informatik.uni-stuttgart.de
Subject: Re: Permissions of /var/spool/mail
From: "J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl>
Date: Mon, 23 Nov 1998 15:07:51 +0100
Message-id: <[🔎] 19981123150751.A21625@wi.leidenuniv.nl>
Mail-followup-to: rainer.dorsch@informatik.uni-stuttgart.de, debian-devel@lists.debian.org, sgersten@ramona.informatik.uni-stuttgart.de
In-reply-to: <[🔎] m0zhwJU-000HVrC@rainer.informatik.uni-stuttgart.de>; from Rainer Dorsch on Mon, Nov 23, 1998 at 02:45:59PM +0100
References: <[🔎] m0zhwJU-000HVrC@rainer.informatik.uni-stuttgart.de>

On Mon, Nov 23, 1998 at 14:45:59 +0100, Rainer Dorsch wrote:
> A collegue of mine found out that the /var/spool/mail permission on a Debian 
> system are non-standard:
> drwxrwsr-t   2 root     mail         1024 Nov 23 14:23 mail 

> Is there any reason for this?

This is per the relevant part of Debian policy; see
	http://www.debian.org/doc/debian-policy/ch5.html#s5.5

Doesn't o+w on /var/spool/mail mean that arbitrary programs can create
lockfiles? (which could be used as a denial of service attack)

> He complains, that imapd cannot create lock files.

Which imapd? The imapd in imap_4.4-4 is setgid mail, so it shouldn't have
probelems creating lockfiles.

Ray
-- 
Tevens ben ik van mening dat Nederland overdekt dient te worden.

Reply to:

Follow-Ups:
- Re: Permissions of /var/spool/mail
  - From: Rainer Dorsch <rainer@rainer.informatik.uni-stuttgart.de>

References:
- Permissions of /var/spool/mail
  - From: Rainer Dorsch <rainer@rainer.informatik.uni-stuttgart.de>

Prev by Date: Re: glibc recompiling was Re: libc resolver problem solved (critical bug)
Next by Date: Intent to package: TenDRA
Previous by thread: Permissions of /var/spool/mail
Next by thread: Re: Permissions of /var/spool/mail
Index(es):
- Date
- Thread