
non-setgid mail MUAs



Howdy,

Policy 3.2.1.0 states that MUAs should be setgid mail.  This is so that
they can create lockfiles in /var/spool/mail.  This has the unfortunate
consequence that MUA bugs can be exploited to read the email of other
users.  A setgid mail locking utility has been added to liblockfile so
that MUAs that use liblockfile do not need to be setgid mail.  I have
attached a patch to policy.sgml to this effect.  Assuming that this is a
reasonable request, would some developer please officially propose it?

Matt
--- policy.sgml.orig	Mon Aug 28 11:17:29 2000
+++ policy.sgml	Mon Aug 28 11:22:08 2000
@@ -3168,10 +3168,11 @@
 	  Mailboxes must be writable by group mail.</p>
 	  
 	<p>
-	  The mail spool is 2775 <tt>root.mail</tt>, and MUAs should
-	  be setgid mail to do the locking mentioned above (and
-	  must obviously avoid accessing other users' mailboxes
-	  using this privilege).</p>
+	  The mail spool is 2775 <tt>root.mail</tt>, and MUAs which do
+	  not use liblockfile should be setgid mail to do the locking
+	  mentioned above (and must obviously avoid accessing other
+	  users' mailboxes using this privilege).  MUAs which do use
+	  liblockfile should not be setgid mail.</p>
 	  
 	<p>
 	  <tt>/etc/aliases</tt> is the source file for the system mail
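
Review bot: The added sentence "MUAs which do use liblockfile should not be setgid mail" does not say how such an MUA is still able to create its lockfile in a 2775 root.mail spool, so a reader of the policy alone cannot tell why dropping the privilege is workable. Suggest mentioning the setgid mail locking utility that liblockfile provides, as described in the cover message, and stating which liblockfile release is the first to include it so maintainers know what to depend on. Also consider "must not" instead of "should not" for liblockfile users, since the retained parenthetical about not accessing other users' mailboxes now only constrains the MUAs that keep the privilege.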

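One way to check an installed system against the wording proposed above, as an added example that is not part of the original message or of Debian policy: the function name `audit_setgid` and the `DROP-SETGID` / `REVIEW` labels are hypothetical, and linkage against liblockfile is detected with `ldd`, which assumes dynamically linked binaries.

```shell
#!/bin/sh
# Added example (not from the original message).
# audit_setgid DIR [GROUP]
#   Lists regular files under DIR that carry the setgid bit and belong to
#   GROUP (default: mail), and classifies each one against the proposed text:
#     DROP-SETGID  links liblockfile, so it should not be setgid mail
#     REVIEW       does not link liblockfile; setgid mail is still expected,
#                  so the binary itself must be trusted not to touch other
#                  users' mailboxes
# Note: run ldd only on binaries installed from trusted packages.
audit_setgid() {
    dir=$1
    grp=${2:-mail}
    find "$dir" -type f -perm -2000 -group "$grp" | while IFS= read -r f; do
        if ldd "$f" 2>/dev/null | grep -q 'liblockfile'; then
            echo "DROP-SETGID $f"
        else
            echo "REVIEW $f"
        fi
    done
}

# Stand-alone use: sh audit.sh /usr/bin mail
if [ "$#" -gt 0 ]; then
    audit_setgid "$@"
fi
```
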