Re: RfD: documentation for statically assigned uid and gid

Franklin Belew <frb@balance.wiw.org> wrote:
> I believe this all depends on the mail daemon
> Sendmail for example is stupid and does require the group 

I use sendmail and all my mailboxes are 600.

What this all comes down to is whether the MDA has root privilege to begin
with.  If it does, then it can switch to the user later on, which means that
the mailboxes can be 600.  If it doesn't, then it must be of group mail
and the mailboxes must be 660.  AFAIK, all Debian MDAs are run as root
by default.

Having an MDA sgid mail may be safer than running it as root, but it also
opens a new security concern, since the group mail is overloaded with
another meaning, i.e., mail readers use it to lock mailboxes.  So if a
mail reader is compromised...

We could at least switch it to 620 (assuming MDAs only append) but bad
mail readers will still be able to wipe out the mailbox.
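
An added example, not part of the original message: a Python audit of a mail spool that reports what a process holding the mail group (but not the owner's uid) could do to each mailbox under the 600, 660 and 620 modes discussed above. The spool contents and user names are constructed, and the test files' own group stands in for group mail as an assumption.

```python
import os
import stat
import tempfile


def group_exposure(st, mail_gid):
    """Classify what a non-owner process in group mail_gid can do to a mailbox."""
    if st.st_gid != mail_gid:
        return "none"
    can_read = bool(st.st_mode & stat.S_IRGRP)
    can_write = bool(st.st_mode & stat.S_IWGRP)
    if can_read and can_write:
        return "read+overwrite"      # 660: contents disclosed and modifiable
    if can_write:
        return "overwrite-only"      # 620: unreadable, but can still be truncated
    if can_read:
        return "read-only"
    return "none"                    # 600: delivery needs root or the owner's uid


def audit_spool(spool_dir, mail_gid):
    """Return {mailbox name: exposure} for every regular file in the spool."""
    report = {}
    for entry in sorted(os.scandir(spool_dir), key=lambda e: e.name):
        # Skip symlinks and directories; only real mailbox files are judged.
        if entry.is_file(follow_symlinks=False):
            st = entry.stat(follow_symlinks=False)
            report[entry.name] = group_exposure(st, mail_gid)
    return report


def demo():
    """Build a constructed spool with the three modes from the thread and audit it."""
    with tempfile.TemporaryDirectory() as spool:
        for name, mode in (("alice", 0o600), ("bob", 0o660), ("carol", 0o620)):
            path = os.path.join(spool, name)
            with open(path, "w") as f:
                f.write("From sender@example.invalid (constructed message)\n")
            os.chmod(path, mode)
        # Assumption: the files' own group plays the role of group mail here.
        mail_gid = os.stat(os.path.join(spool, "alice")).st_gid
        return audit_spool(spool, mail_gid)


if __name__ == "__main__":
    for mailbox, exposure in demo().items():
        print(f"{mailbox}: {exposure}")
```

On a real system, call `audit_spool` with the spool directory and the numeric gid of group mail.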
