
Re: Bug#92981: uw-imapd-ssl: can't use maildir format with uw-imap (fwd)



On Mon, Apr 09, 2001 at 11:25:20AM -0500, Jaldhar H. Vyas wrote:
> On Mon, 9 Apr 2001, Ethan Benson wrote:
> 
> > i would like to know why policy even suggests mailspools have 660
> > user.mail permissions, postfix being a sane mailer sets permissions to
> > 600 user.mail.  making mailspools writable by group mail does nothing
> > but make a gid=mail exploit disastrous where it would ordinarily be
> > rather boring.  (especially if you change /var/mail permissions to
> > 3775)
> >
> >
> 
> In bug #24772 against debian-policy, Herbert Xu asked the same thing.  He
> also asked for a rationale for the current policy.  The amendment was
> rejected and no rationale was given afaict.

no reason for the rejection was given either.  all that's mentioned in
that bug report is that pine has `permissions issues'.  i fail to see
why pine -- which is run by the *user* -- needs group write permission.
if you own the file and the owner has rw then you and everything you run
has rw.  if pine has some screwball requirements i don't think that
should mandate unsecure policy.  especially since pine is not even in
debian, it's non-free.  besides that i installed pine on a box running
postfix this summer and the only `permissions issue' it had was
complaining on startup that /var/spool/mail was mode 2775 instead of
1777, it was only a complaint and it seemed to work fine otherwise
(well as fine as pine `works').

> So Policy Gods, please enlighten us!

indeed, this should be changed; 660 is a security hole.

in fact i would propose that /var/mail permissions be changed from
2775 to 3775 to prevent a gid=mail exploit from allowing users to
rm -rf everyone else's mail.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
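
An added example, not part of the original message: a Python audit that flags the two conditions argued about in this thread, mailboxes with the group write bit (660 rather than 600) and a writable spool directory without the sticky bit (775 rather than 1775). The names `audit_spool` and `build_sample_spool` are hypothetical, and the sample spool is constructed in a temporary directory (setgid is left off the sample directory; it does not affect either check).

```python
import os
import stat
import tempfile

def audit_spool(spool_dir):
    """Return (path, octal mode, problem) findings for a mail spool directory."""
    findings = []
    dmode = stat.S_IMODE(os.stat(spool_dir).st_mode)
    # Without the sticky bit (01000), anyone with write access to the
    # directory (group mail on a 2775 spool) can unlink any mailbox in it.
    if dmode & (stat.S_IWGRP | stat.S_IWOTH) and not dmode & stat.S_ISVTX:
        findings.append((spool_dir, format(dmode, "04o"),
                         "writable spool directory without sticky bit"))
    for entry in sorted(os.scandir(spool_dir), key=lambda e: e.name):
        if not entry.is_file(follow_symlinks=False):
            continue  # skip subdirectories and symlinks
        fmode = stat.S_IMODE(entry.stat(follow_symlinks=False).st_mode)
        if fmode & stat.S_IWGRP:  # 660-style mailbox
            findings.append((entry.path, format(fmode, "04o"),
                             "mailbox writable by its group"))
        if fmode & stat.S_IRWXO:
            findings.append((entry.path, format(fmode, "04o"),
                             "mailbox accessible to other users"))
    return findings

def build_sample_spool(root, dir_mode):
    """Create a constructed spool under root: alice is 660, bob is 600."""
    spool = os.path.join(root, "mail")
    os.mkdir(spool)
    for name, mode in (("alice", 0o660), ("bob", 0o600)):
        path = os.path.join(spool, name)
        with open(path, "w") as fh:
            fh.write("From sender@example.org Mon Apr  9 11:25:20 2001\n")
        os.chmod(path, mode)
    os.chmod(spool, dir_mode)
    return spool

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        spool = build_sample_spool(root, 0o775)
        for mode in (0o775, 0o1775):
            os.chmod(spool, mode)
            print("spool mode", format(mode, "04o"))
            for path, m, problem in audit_spool(spool):
                print("  ", m, os.path.basename(path), "-", problem)
```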
