[10159] in bugtraq
Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight
daemon@ATHENA.MIT.EDU (Mark Crispin)
Fri Apr 9 18:17:19 1999
Date: Fri, 9 Apr 1999 09:06:23 -0700
Reply-To: Mark Crispin <MRC@CAC.WASHINGTON.EDU>
From: Mark Crispin <MRC@CAC.WASHINGTON.EDU>
X-To: Olaf Kirch <okir@monad.swb.de>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19990409104805.A29385@monad.swb.de>
On Fri, 9 Apr 1999 10:48:05 +0200, Olaf Kirch wrote:
> There's a feature in imap that's rarely if ever mentioned which lets
> you configure the lock protection for mailbox locks. In /etc/client.cf,
> you can do `set lock-protection 0600'. The source says it's totally
> unsupported and may go away anytime, though.
Don't do it. It won't work. It will break things, and subject you to public
humiliation should I get a bug report as a result.
The locks are 666 for a reason. Forget about denial of service problems when
you have hostile users with shell accounts (why would you have such a thing
anyway). We're talking about denial of service problems when all of your
users are good guys and are cooperating with each other.
