gnu@sun.uucp (John Gilmore) (11/22/84)
Sendmail will not mail directly to files to protect you from my mailing to "/usr/jsol/.login"@bbncca.arpa and putting funny things in your system files. Sendmail typically doesn't create files in /usr/spool/mail; it calls /bin/mail to do local delivery to users. It does its own delivery to files, though. When it has to create a file I'm not sure what protection would be best but heavy restriction sounds good to me -- you can fix it later and meanwhile your sensitive data has not leaked out. (Easiest way I ever found to break into systems, once you borrowed a nonprivileged account, was to read old mailfiles looking for passwords & other useful info.) The thing to do is create the file yourself before sendmail puts anything in it -- then YOU get to set the permissions and sendmail won't change them. You also get to set the owner and group, so you don't need to have public write permission, just daemon write so sendmail can append.