Re: Permissions of /var/spool/mail

To: "J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl>
Cc: debian-devel@lists.debian.org
Subject: Re: Permissions of /var/spool/mail
From: Rainer Dorsch <rainer@rainer.informatik.uni-stuttgart.de>
Date: Mon, 23 Nov 1998 15:39:37 +0100
Message-id: <[🔎] m0zhx9N-000HVrC@rainer.informatik.uni-stuttgart.de>
Reply-to: rainer.dorsch@informatik.uni-stuttgart.de
In-reply-to: Your message of "Mon, 23 Nov 1998 15:07:51 +0100." <[🔎] 19981123150751.A21625@wi.leidenuniv.nl>

> On Mon, Nov 23, 1998 at 14:45:59 +0100, Rainer Dorsch wrote:
> > A collegue of mine found out that the /var/spool/mail permission on a Debian 
> > system are non-standard:
> > drwxrwsr-t   2 root     mail         1024 Nov 23 14:23 mail 
> 
> > Is there any reason for this?
> 
> This is per the relevant part of Debian policy; see
> 	http://www.debian.org/doc/debian-policy/ch5.html#s5.5
> 
> Doesn't o+w on /var/spool/mail mean that arbitrary programs can create
> lockfiles? (which could be used as a denial of service attack)
> 
> > He complains, that imapd cannot create lock files.
> 
> Which imapd? The imapd in imap_4.4-4 is setgid mail, so it shouldn't have
> probelems creating lockfiles.
> 

Thanks for your reply. The imap-4.2-1 package in hamm is buggy. Should I file 
a bugreport?

Rainer.

Reply to:

Follow-Ups:
- Re: Permissions of /var/spool/mail
  - From: "J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl>

References:
- Re: Permissions of /var/spool/mail
  - From: "J.H.M. Dassen \(Ray\)" <jdassen@wi.leidenuniv.nl>

Prev by Date: Re: Permissions of /var/spool/mail
Next by Date: Re: Permissions of /var/spool/mail
Previous by thread: Re: Permissions of /var/spool/mail
Next by thread: Re: Permissions of /var/spool/mail
Index(es):
- Date
- Thread