chen-dahe@CS.Yale.EDU (Dahe Chen) (01/28/89)
Sorry if the question is trivial. I don't have any manual for mh. In order to have inc work I have to chmod /usr/spool/mail to user-group writable, i.e. drwxrwxr-x; otherwise inc complains

    "unable to lock and fopen /usr/spool/mail/userid"

Is it necessary to have the mode of mail folder to be 775 or is something else wrong?

Thanx in advance.

-------
Dahe Chen
internet: dchen@twolf.ce.yale.edu ( @venus.ycc.yale.edu )
          chen-dahe@cs.yale.edu
bitnet:   dchen@yalevms
wisner@CIS.OHIO-STATE.EDU (Bill Wisner) (01/28/89)
Change inc to group mail and turn on the 2000 mode bit (the setgid bit).
dce@stan.UUCP (David Elliott) (01/30/89)
In article <8901280137.AA24180@cheops.cis.ohio-state.edu> wisner@CIS.OHIO-STATE.EDU (Bill Wisner) writes:
>Change inc to group mail and turn on the 2000 mode bit (the setgid bit).

Then, try

    inc -notruncate -file {mailfile}

where {mailfile} is a non-empty file in /usr/spool/mail or /usr/mail that you can't read.

Of course, I may be wrong, but I think that making inc setgid mail will allow you to read a file you shouldn't be able to. Are files in /usr/mail readable by group 'mail', or just writable?

--
David Elliott ...!pyramid!boulder!stan!dce
"All he wanted was a Pepsi, but I wouldn't give it to him!" -- Mike's mom
wisner@cheops.cis.ohio-state.edu (Bill Wisner) (01/30/89)
inc uses access(2) to check file permissions; making it setgid mail will not (at least on a Sun-3 and an HP 9000) allow access to unreadable mail files.
keithm@synthesis.Synthesis.COM (Keith Mortensen) (01/31/89)
In article <32976@tut.cis.ohio-state.edu> Bill Wisner <wisner@cis.ohio-state.edu> writes:
>inc uses access(2) to check file permissions; making it setgid mail will not
>(at least on a Sun-3 and an HP 9000) allow access to unreadable mail files.

I believe that David Elliott was correct in saying that it will allow you to read a file you shouldn't be able to. MH 6.5 and MH 6.6 do an access as you indicated to check the file permissions, but when the access fails it tries to open the file read-only. Here is the source in question:

    if (access (newmail, 02) == NOTOK) {
        trnflag = 0;
        if ((in = fopen (newmail, "r")) == NULL)
            adios (newmail, "unable to read");
    }

I have commented out the code which does the fopen in my version.

--
Keith Mortensen
-------------------------------------------------------------------------------
UUCP: keithm@synthesis.com OR {wyse,ames,pyramid,decwrl}!mips!synthesis!keithm
DDD:  408-991-0275 or 408-720-1557, Ext. 275
USPS: Synthesis Software Solutions, Inc., 292 Commercial Ave., CA 94086
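In the thread above, access(2) checks the real uid/gid while the fopen fallback in a setgid-mail inc runs with the effective gid, which is why the two can disagree. As an added example (not MH code and not written by any poster), one way to bind the open to the invoking user's own group; open_mail_as_invoker is a hypothetical helper name, and a POSIX system where a setgid program can switch its effective gid between the real and saved gid is assumed.

```c
/* Added example, not MH source; open_mail_as_invoker() is a hypothetical name. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Open `path` with the effective gid set to the real gid, so a setgid-mail
 * binary cannot read a spool file that the invoking user could not read.
 * Returns NULL when the invoker lacks permission or the file is missing. */
FILE *open_mail_as_invoker(const char *path, const char *mode)
{
    gid_t saved_egid = getegid();   /* group mail when installed setgid */
    FILE *fp;

    /* Give up the setgid privilege for the duration of the open. */
    if (setegid(getgid()) != 0)
        return NULL;
    fp = fopen(path, mode);         /* kernel now checks the real gid */
    /* Take the privilege back for the spool-directory locking that
     * setgid mail was granted for; refuse to run in an unknown state. */
    if (setegid(saved_egid) != 0) {
        if (fp != NULL)
            fclose(fp);
        abort();
    }
    return fp;
}

int main(int argc, char **argv)
{
    FILE *in;

    if (argc != 2) {
        fprintf(stderr, "usage: %s mailfile\n", argv[0]);
        return 2;
    }
    in = open_mail_as_invoker(argv[1], "r");
    if (in == NULL) {
        perror(argv[1]);
        return 1;
    }
    fclose(in);
    puts("readable by the invoking user");
    return 0;
}
```

Unlike an access(2) call followed by a separate open, the permission decision here is made by the open itself, so there is no gap between the check and the use.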