Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!wuarchive!udel!brahms.udel.edu!weave
From: weave@brahms.udel.edu (Ken Weaverling)
Newsgroups: comp.unix.sysv386
Subject: mqueue dir 777 ?!
Keywords: uuto security
Message-ID: <18816@brahms.udel.edu>
Date: 18 Feb 91 13:56:25 GMT
Distribution: na
Organization: University of Delaware
Lines: 24

I have a Prime EXL 325 running AT&T SYSV/386 3.1 version 2.

I had a problem with a student sending me annon mail.  I finally figured
out how he did it (using the SMTP port) but in looking around, 
I found that the /usr/spool/mqueue directory was 777. This makes it
awful easy to pop some mail in there and wait for sendmail's next 
sweep to pick it up.

My question is: WHY 777?  

I set it to 770 and all seemed to work, but now uuto is broken. uuto
tries to send mail to the user it just uuto'ed to. Instead of just 
sending it through a MTA, it must insert it directly into mqueue. 

I tried setting uuto's sgid bit to the same as mqueue's group, but 
still won't work. Changing mqueue back to 777 fixes it.

Is there a pd uuto around that'll fix this?

Thanks (of course, this is not near as serious as that damn u-area
security bug being discussed elsewhere. With that around, worrying about
other security problems seems trivial :-)
-- 
>>>---> Ken Weaverling  >>>---->  weave@brahms.udel.edu