Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!olivea!tymix!cirrusl!ss132!dhesi
From: dhesi%cirrusl@oliveb.ATC.olivetti.com (Rahul Dhesi)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Keywords: chown, mail
Message-ID: <2803@cirrusl.UUCP>
Date: 14 Dec 90 08:12:50 GMT
References: <2800:Dec1001:29:4890@kramden.acf.nyu.edu> <1990Dec11.005644.20688@cbnewsk.att.com> <1990Dec11.203632.7402@chinet.chi.il.us> <1990Dec13.192712.25225@cbnewsk.att.com>
Sender: news@cirrusl.UUCP
Organization: Cirrus Logic Inc.
Lines: 12

In <1990Dec13.192712.25225@cbnewsk.att.com> hansen@pegasus.att.com
(Tony L. Hansen) writes:

>...the numerous security problems in BSD mail
>through the years (using setuid-root, world-writable mail area, or various
>other schemes)

Is there a security problem if the mail spool directory is world-
writable but its sticky bit is set?
--
Rahul Dhesi <dhesi%cirrusl@oliveb.ATC.olivetti.com>
UUCP:  oliveb!cirrusl!dhesi