[10175] in bugtraq
Re: ipop3d (x2) / pine (x2) / ...
daemon@ATHENA.MIT.EDU (GvS)
Mon Apr 12 16:26:22 1999
Date: Sun, 11 Apr 1999 16:13:21 +0400
Reply-To: GvS <gvs@RINET.RU>
From: GvS <gvs@RINET.RU>
X-To: Mark Crispin <MRC@CAC.WASHINGTON.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <MailManager.923673983.9786.mrc@Ikkoku-Kan.Panda.COM>
On Fri, 9 Apr 1999, Mark Crispin wrote:
MC> The locks are 666 for a reason.
SHIT! Sorry...
The lock mode MUST be selectable. I can't see almost any reason for
world-writable locks for me and my systems. If somebody wants to, he
can set them 0666 by hand. In any case I would require truly shared
mailboxes, it's enough for me to have the lock mode group-writable
(0660) and permit access for the specified group. And only!
Making lock-file mode 0666 doesn't allow me to detect hostile user
whether he/she appears on my system, but easily allows him/her to
perform at least 2 different DoS attacks agains somebody's Pine. It's
headache.
SY, Seva Gluschenko, just stranger at the Road.
GVS-RIPE: Cronyx Plus / RiNet network administrator.
--- IRC: erra
* Origin: Erra Netmale (gvs@rinet.ru) [http://gvs.rinet.ru/]
