[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Permissions of /var/mail/$USER


When an user is created, useradd creates a /var/mail/$USER mailbox with
the mode 0660 (owned by $USER:mail).

I heard this causes some issues for dovecot, and a solution could be to
move to mode 0600.

I would like to change shadow in that direction, with a configure option to
restore the previous behavior.

On Debian, the policy allows this, but I would like to communicate this
change in case some people know of possible breakages.

Here is an extract from the Debian policy:

     Mailboxes are generally either mode 600 and owned by <user> or mode
     660 and owned by `<user>:mail'[3].  The local system administrator may
     choose a different permission scheme; packages should not make
     assumptions about the permission and ownership of mailboxes unless
     required (such as when creating a new mailbox).  A MUA may remove a
     mailbox (unless it has nonstandard permissions) in which case the MTA
     or another MUA must recreate it if needed.


[3]  There are two traditional permission schemes for mail spools: mode 600
     with all mail delivery done by processes running as the destination
     user, or mode 660 and owned by group mail with mail delivery done by a
     process running as a system user in group mail.  Historically, Debian
     required mode 660 mail spools to enable the latter model, but that
     model has become increasingly uncommon and the principle of least
     privilege indicates that mail systems that use the first model should
     use permissions of 600.  If delivery to programs is permitted, it's
     easier to keep the mail system secure if the delivery agent runs as
     the destination user.  Debian Policy therefore permits either scheme.

Other distributions could use the configure option, but let me know if this
would also break anything.

Thanks in advance,

Reply to: