Re: Permissions of /var/spool/mail
> On Mon, Nov 23, 1998 at 14:45:59 +0100, Rainer Dorsch wrote:
> > A collegue of mine found out that the /var/spool/mail permission on a Debian
> > system are non-standard:
> > drwxrwsr-t 2 root mail 1024 Nov 23 14:23 mail
>
> > Is there any reason for this?
>
> This is per the relevant part of Debian policy; see
> http://www.debian.org/doc/debian-policy/ch5.html#s5.5
>
> Doesn't o+w on /var/spool/mail mean that arbitrary programs can create
> lockfiles? (which could be used as a denial of service attack)
>
> > He complains, that imapd cannot create lock files.
>
> Which imapd? The imapd in imap_4.4-4 is setgid mail, so it shouldn't have
> probelems creating lockfiles.
>
Thanks for your reply. The imap-4.2-1 package in hamm is buggy. Should I file
a bugreport?
Rainer.
Reply to: