[433] in linux-security and linux-alert archive
mail spool
daemon@ATHENA.MIT.EDU (*Hobbit*)
Fri Oct 27 18:01:55 1995
Date: Fri, 27 Oct 1995 13:14:05 -0400
From: *Hobbit* <hobbit@avian.org>
To: linux-security@tarsier.cv.nrao.edu

Mine's been 755 owned by root for ages. I long ago scrapped procmail and am
running the cert/wietse/whoever rehacked "mail.local" for final delivery.
Works fine for me; my mailbox gets zeroed out but stays there after I read
everything. Probably won't work for POP-based folks, though.

My own take on it is that regular users shouldn't be able to write into the
mail-spool directory at all, and only a few programs should be able to.
Unfortunately the stock utilities on a lot of machines don't grok this
philosophy [sunos comes to mind...] and I haven't had time to think about
a Universal Fix for this problem that allows all mail clients to work.

If I were to do so, though, I'd start with something like mail.local to
deliver and a paranoidly hacked movemail to retrieve, and wrap everything
else around same in a non-setuid way.

_H*
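
Added example, not part of the original message: a shell function that audits a spool directory against the policy described above (owned by root, no group or other write access) and notes zero-length mailboxes, which are normal under that policy because a reader can truncate its mailbox but cannot remove it. The function name `audit_spool` and the path `/var/spool/mail` in the usage note are assumptions, and `stat -c` is the GNU/busybox form.

```shell
#!/bin/sh
# Added example (not from the original post).
# Audits a mail spool directory against the policy:
#   owner is root, and neither group nor other may write into it.
# Prints one finding per line. Returns 0 if the directory matches the
# policy, 1 if it does not, 2 if the path is not a directory.
audit_spool() {
    dir=$1
    rc=0
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 2; }

    # %a = permission bits in octal, %u = numeric owner (GNU/busybox stat)
    set -- $(stat -c '%a %u' "$dir")
    mode=$1
    uid=$2

    if [ "$uid" -ne 0 ]; then
        echo "$dir: owned by uid $uid, expected 0 (root)"
        rc=1
    fi

    # 022 = group-write | other-write; the leading 0 makes $mode octal
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "$dir: mode $mode lets group or other write"
        rc=1
    fi

    # With a root-owned 755 spool, users cannot create or unlink entries,
    # so a mailbox that has been read is left behind as an empty file.
    # Report these as information only; they do not change the result.
    for f in "$dir"/*; do
        if [ -f "$f" ] && [ ! -s "$f" ]; then
            echo "$f: empty mailbox (info)"
        fi
    done

    return $rc
}
```

Run it as `audit_spool /var/spool/mail`, substituting the spool path your system uses.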