/usr/spool/mail: 0777 or 0755?
Spencer W. Thomas
thomas at utah-gr.UUCP
Tue Feb 21 08:29:01 AEST 1984
The current mailbox locking scheme S**KS for exactly the reason
mentioned by rlgvax!guy -- you can't lock mailboxes when /usr/spool/mail
is not writable. Leaving /usr/spool/mail writable is a BIG BIG BIG BIG
security hole (write for details, using root login). We changed mail to
lock on /tmp. This isn't so good, but it is better. Seems to me that
on 4.2, which supports advisory file locking, that the file locking
should be used.
Once you've moved the locks off of /usr/spool/mail, then you can go
ahead and change the mode to 755.
=S
More information about the Comp.unix.wizards
mailing list