Path: utzoo!attcan!uunet!acd4!mjb From: mjb@acd4.UUCP ( Mike Bryan ) Newsgroups: comp.mail.elm Subject: Re: ** Serious Elm security hole + FIX ** Keywords: elm, $MAIL, read folder on startup Message-ID: <1989Oct22.155409.3857@acd4.UUCP> Date: 22 Oct 89 15:54:09 GMT References: <1726@ruuinf.cs.ruu.nl> Reply-To: mjb@acd4.UUCP ( Mike Bryan ) Organization: Applied Computing Devices, Inc., Terre Haute, IN Lines: 45 In article <1726@ruuinf.cs.ruu.nl> edwin@praxis.cs.ruu.nl (Edwin Kremer) writes: >Yesterday I discovered a nasty hole in the Elm security that would >let anybody read no matter whose mailbox. This behaviour only occurs >if you're running a Elm version that is SGID to e.g. group "mail". > >User mailboxes have permissions like: > > -rw-rw---- 1 edwin mail 2813 Oct 21 17:31 /usr/mail/edwin > -rw-rw---- 1 root mail 1069 Oct 19 13:34 /usr/mail/root > >BINMAIL has permissions: > > -r-xr-sr-x 2 bin mail 102400 Feb 17 1989 /bin/mail > >The user mailboxes must be writable by group 'mail' as well in order to >allow the local delivery mailer BINMAIL to write user mailboxes. >The same story goes for Elm, it must read/write user mailboxes and it >should use a BINMAIL like locking mechanism. > We do not have the problem here. Our user mailboxes are setup with permission "-rw-------", and /bin/mail is setup as setuid root, not setgid mail. We are running Ultrix 3.1 and Ultrix 2.3; these are the default permissions as supplied by DEC. You neglected to say what flavor of UNIX you are using. I still think Elm should be corrected, since your setup sounds like a valid way to handle mail security. I found another problem in Elm while checking out yours, however. If a mail folder is specified which you cannot access (such as another user's), Elm will not exit. It comes up saying the mailbox has 0 entries (even though it has several). Typing "Q" or "q" results in Elm saying that the quit has been cancelled, since new mail has just arrived. It then tries to re-read the file (again, finding nothing), and the whole process starts over. I was able to quit with a SIGQUIT. Maybe Elm needs a Meta-Quit? (Or maybe it does, and I just don't know it...) BTW, I'm running ELM PL10. -- Mike Bryan, Applied Computing Devices, 100 N Campus Dr, Terre Haute IN 47802 Phone: 812/232-6051 FAX: 812/231-5280 Home: 812/232-0815 UUCP: uunet!acd4!mjb INTERNET: mjb%acd4@uunet.uu.net "Agony is born of desire; that's what you get for wanting." --- Moev