[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: liblockfile: new version, new API

In article <cistron.19990610120631.B3005@molehole>,
Steve Greenland  <stevegr@debian.org> wrote:
>On 10-Jun-99, 10:18 (CDT), Miquel van Smoorenburg <miquels@cistron.nl> wrote: 
>> On the bright side, programs can now use the functions in liblockfile
>> to lock mailboxes without any special priviliges.
>Tell me there is some sort of check w.r.t. mailbox ownership -- I can't
>write and run a program that locks an arbitrary mailbox, right?

To be able to create a lockfile with priviliges, 3 conditions must be met:

- The directory where the lockfile resides must be writable by group
  mail (logical, since the ``dotlockfile'' utility runs setgid mail)
- The lockfile must be named "YOURUSERNAME.lock"
- The file "YOURUSERNAME" must exist and be owned by you

So no, you can't write and run a program that locks an arbitrary mailbox.

BTW, if you could, you wouldn't have to write a program for it - the
functions in liblockfile simply call the included utility ``dotlockfile''
to do the actual locking/unlocking.

Indifference will certainly be the downfall of mankind, but who cares?

Reply to: