Re: mailx problems

To: debian-user@lists.debian.org
Subject: Re: mailx problems
From: Ethan Benson <erbenson@alaska.net>
Date: Sat, 31 Mar 2001 14:35:46 -0900
Message-id: <[🔎] 20010331143546.H909@plato.local.lan>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 01033112023301.23175@braindead.cbu.edu>; from wturkal@cbu.edu on Sat, Mar 31, 2001 at 12:02:33PM -0600
References: <[🔎] 01033112023301.23175@braindead.cbu.edu>

On Sat, Mar 31, 2001 at 12:02:33PM -0600, Warren Turkal wrote:
> Ok, heres the story.  I have installed a standard Debian 2.2r2 install, all 
> stable.  It problem is that when I run mail, I cannot delete messages.

you have also installed security updates, which is a good thing.  

the short story is: get a real MUA, i reccommend mutt.  

the long story is /var/mail is only writable by group mail, so any MUA
that needs to do mailbox locking (any that do read-write mailbox
operations) must either be setgid mail, or make use of a setgid helper
to do the locking (mutt_dotlock, lockfile et al).  mailx does its own
locking so for it to be able to alter your mailbox it must be setgid,
which it was until now.  the problem is mailx is made up of hideously
insecure code and there is a flaw in the current one that will allow
you to get gid=mail if you make it setgid, there have been many many
more like this in the past and debian among some other distros have
finally said `to hell with it' and removed setgid and adopted the
policy that nobody sane reads thier mail with `mail' 

on most debian systems which use exim which last i checked had this
annoying habit of creating mailspools mode 660 group=mail a gid=mail
compromise is quite serious since the attacker can now read and
delete everyones mail.  even with the correct mode 600 mailspools
debian's default permissions on /var/mail is 2775 not 3775 (no sticky
bit) so the attacker could still be a prick and rm -rf /var/mail/*
(a chmod 3775 /var/mail is one of the first changes i make to a newly
installed debian box, along with installing postfix instead of exim
which sets mailspool permissions correctly) 

> Now, if I su into root and check the mail, I am able to delete it no problem. 
> I checked the permissions of the /var/mail with this box (braindead) and 
> there seems to be no differences, yet I can delete my mail here.

you have not installed security updates on that box then, i recommend
you do so, there have been MANY root holes fixed since 2.2r2 was
released. 

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgp8cuIggeLyV.pgp
Description: PGP signature

Reply to:

References:
- mailx problems
  - From: Warren Turkal <wturkal@cbu.edu>

Prev by Date: Re: Linux Virus
Next by Date: Re: how to format a floppy in ext2
Previous by thread: mailx problems
Next by thread: Problem with mplayer
Index(es):
- Date
- Thread