[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Ximian evolution unable to lock /var/spool/mail/xxxx

On 15 May 2001 10:24:57 +0200, franck routier wrote:
> chmod o+w /var/mail did the trick.
> (no need for sticky bit for me)

> This is not set by default on debian. Does anyone know :
> 1) why evolution needs it (does not run as the user's id ?)

The user should not be able to write /var/mail, because usually he
needn't to, as an app, like movemail, takes care of creating the
lockfile. However, to do this the app needs special privileges, like
being suid root. This is dangerous, though, and an app that does this
should be very stable and audited. The Evo team didn't have time or
didn't want to include this functionality as long as Evo is unstable and
a lot of other things are needed. If you need it, you can still compile
Evo yourself and tell it the path to movemail. They said that
eventually, I'd guess before Evo goes 1.0, they'll take care of it

> 2) if this can be dangerous in any way from a security point of view ?

I wouldn't want it on a production machine or when there are a lot of
(possibly untrusted) users on the system. I don't think that it's a
problem on a home machine from a security POV, but I'd be glad to be
educated if someone on the list thinks otherwise


I did not vote for the Austrian government

Reply to: