keeping your mailbox secure, even with mailx
karl at cbrma.UUCP
karl at cbrma.UUCP
Tue Jan 20 08:00:18 AEST 1987
In article <121 at falkor.UUCP> psc at lzaz.UUCP (Paul S. R. Chisholm) writes:
>As most people know, your mailbox (where incoming mail is stored before
>you read it, usually /usr/mail/$LOGNAME) is by default world readable.
>This has been very amusing to would-be hackers, and very embarrassing to
>couples sending each other electronic love notes.
I have just spent a few minutes and experimented with a herd of the
systems I have available to me here in my department. In all cases,
my mailbox is created 0660 no matter whether I use mailx as a front
end, or just go straight for the gills with /bin/mail (actually
/bin/lmail, due to having installed smail). The set of machines on
which I just tried this out includes:
cbrma: VAX-11/780 SysV.0
cbrmb: VAX-11/780 SysV.2.2
cbrmc: PDP-11/70 SysIII
cbrmd: PDP-11/70 SysV.0
cbrme: 3b20 SysV.2.1
cbstr1:3b15 SysV.2.1
bacon: 3b2 SysV.2.0.4
byron: 3b2 SysV.2.0.5
That list includes a couple of network-invisible machines. I daresay
that it constitutes a representative sample of systems and software.
No such problems on any of them. Has someone hacked up your software
locally?
--
Karl
More information about the Comp.unix.questions
mailing list