Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!usc!elroy.jpl.nasa.gov!ncar!midway!gargoyle!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Keywords: chown, mail
Message-ID: <1990Dec16.221025.24838@chinet.chi.il.us>
Date: 16 Dec 90 22:10:25 GMT
References: <1990Dec11.005644.20688@cbnewsk.att.com> <1990Dec11.203632.7402@chinet.chi.il.us> <1990Dec14.171022.4992@eci386.uucp>
Organization: Chinet - Public Access UNIX
Lines: 22

In article <1990Dec14.171022.4992@eci386.uucp> woods@eci386.UUCP (Greg A. Woods) writes:
>$ ls -l /usr/mail/root
>-rw-rw----   1 root     mail       27820 Dec 12 05:18 /usr/mail/root
>$ MAIL=/usr/mail/root LOGNAME=root /bin/binmail -F woods
>binmail: Invalid permissions
>binmail: Cannot install/remove forwarding without empty mailfile

>Hmm... Yup, it seems secure to me!  Doesn't mean non-superuser chown
>is OK, but IMHO it *is* not only OK, but useful!

Oops, when I said empty file I meant no file (my mail reader always deletes
the file when it is empty).

Does your mail reader always leave a 0 length file in /usr/mail when you
delete all the messages?  Does everyone on the system use the same reader
(or do they all do this)?  Is there ever a time when a user does not
have a file in /usr/mail (say before they have ever received any mail)?
IMHO it would be just as useful if it didn't chown the forwarding file
but left it owned by the uid that actually gave the command.

Les Mikesell
  les@chinet.chi.il.us