fin@UF.MSC.UMN.EDU ("Craig Finseth") (12/30/88)
Hello, Richard, from a person out of your past... I'm a happy user of GNU-Emacs out here in Minnesota and -- not surprizingly -- also the maintainer. Unfortunately, GNU-Emacs has received a reputation as being "unsecure" because of a hole in movemail, which must run as set uid "root" (at least on our systems). Fortunately, the fix is very easy: starting at line 138: #ifdef MAIL_USE_FLOCK if (access (inname, R_OK | W_OK) != 0) <NEW pfatal_with_name (inname); <NEW indesc = open (inname, O_RDWR); #else /* if not MAIL_USE_FLOCK */ if (access (inname, R_OK) != 0) <NEW pfatal_with_name (inname); <NEW indesc = open (inname, O_RDONLY); #endif /* not MAIL_USE_FLOCK */ starting at line 156, add these lines: /* Should also check to ensure that, if outname is not present, its directory is writeable to the real uid */ if (access (outname, F_OK) == 0 && access (outname, W_OK) != 0) pfatal_with_name (outname); and that's it. Keep up the good work. Craig A. Finseth fin@msc.umn.edu [CAF13] Minnesota Supercomputer Center, Inc. (612) 624-3375