Re: #24510: procmail: procmail creates mailboxes with mode 660
On Mon, Jul 13, 1998 at 06:01:31PM +0200, Santiago Vila wrote:
>
> On Mon, 13 Jul 1998, Herbert Xu wrote:
>
> > Package: procmail
> > Version: 3.10.7-6
> >
> > It seems that procmail is creating mailboxes with mode 660 (the MTA is
> > sendmail) and this is quite insecure as security holes in MUA's could lead
> > to private emails being accessed by unauthorised individuals. The correct
> > mode is of course 600.
>
> I don't know what you mean with "of course" but policy says:
>
> 4.5 Mail transport agents
>
> [...]
>
> Mailboxes are generally 660 user.mail unless the user has chosen
> otherwise.
OK, can someone provide that rationale for this please? It seems completely
broken to me.
--
Debian GNU/Linux 2.0beta is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To UNSUBSCRIBE, email to debian-policy-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: