boehme@unvax.union.edu (Eric M. Boehm) (01/10/91)
Is there some compelling reason for /usr/spool/mail to be world writable? Before I go changing things or altering the source code, I would like to know if it is possible to have /usr/spool/mail mode 755 and still be able to use elm?

--
Eric M. Boehm
boehme@unvax.Union.EDU
BOEHME@UNION.BITNET
syd@DSI.COM (Syd Weinstein) (01/10/91)
boehme@unvax.union.edu (Eric M. Boehm) writes:
>Is there some compelling reason for /usr/spool/mail to be world
>writable? Before I go changing things or altering the source code, I
>would like to know if it is possible to have /usr/spool/mail mode 755
>and still be able to use elm?

Having /usr/spool/mail mode 755 means Elm would have to be setuid to the owner of /usr/spool/mail, so it can do links and unlinks to get the file copied back. Not the best idea. However, many System V's make /usr/mail (their /usr/spool/mail) 775, group mail, and in that mode Elm runs setgid. If /usr/spool/mail is 1777 or 3777 in the BSD world, then only the owner can remove the file, and the protections on the file itself will prevent others from reading it. This works quite well.

--
=====================================================================
Sydney S. Weinstein, CDP, CCP          Elm Coordinator
Datacomp Systems, Inc.                 Voice: (215) 947-9900
syd@DSI.COM or dsinc!syd               FAX:   (215) 938-0235
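
An audit check for the spool directory modes discussed in this thread, added here as an example (it is not code from either poster or from Elm). The function names and labels are hypothetical, and spool_mode assumes a stat that accepts -c '%a' (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: classify a mail spool directory's permission bits
# against the setups described in the thread (755, 775, 1777/3777).

# classify_spool_mode OCTAL -> prints one label for the directory mode
classify_spool_mode() {
    mode=$((0$1))                          # leading 0 forces octal parsing
    if [ $((mode & 0002)) -ne 0 ]; then    # world-writable
        if [ $((mode & 01000)) -ne 0 ]; then
            # 1777/3777: sticky bit restricts removal to the file's owner
            # (plus the directory owner and root)
            echo sticky-world-writable
        else
            # 777: any local user can unlink or replace another mailbox
            echo world-writable-no-sticky
        fi
    elif [ $((mode & 0020)) -ne 0 ]; then
        # 775 with group mail: the mail reader has to run setgid
        echo group-writable
    else
        # 755: the mail reader would have to be setuid to the owner
        echo owner-only
    fi
}

# spool_mode DIR -> octal permission bits, e.g. 1777
# Assumption: stat supports -c '%a' (GNU coreutils, BusyBox).
spool_mode() {
    stat -c '%a' "$1"
}

# audit_spool DIR -> prints "DIR mode=NNNN label"
# Returns 1 for the one unsafe layout, 2 if the mode cannot be read.
audit_spool() {
    m=$(spool_mode "$1") || return 2
    c=$(classify_spool_mode "$m")
    echo "$1 mode=$m $c"
    [ "$c" != world-writable-no-sticky ]
}

# Run against a directory when one is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_spool "$1"
fi
```

Run it as `sh audit_spool.sh /usr/spool/mail`; the exit status is non-zero only when the directory is world-writable without the sticky bit.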