Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!udel!haven.umd.edu!mimsy!nocusuhs!nmrdc1!rdc30
From: rdc30@nmrdc1.nmrdc.nnmc.navy.mil (LCDR Michael E. Dobson)
Newsgroups: comp.os.minix
Subject: Re: gak! yet another idiot beginner asking stupid stuff!
Message-ID: <1991May13.124327.21919@nmrdc1.nmrdc.nnmc.navy.mil>
Date: 13 May 91 12:43:27 GMT
References: <9852@star.cs.vu.nl> <9105102589@arrakis.nl.mugnet.org>
Organization: Naval Medical Research & Development Command
Lines: 22

In article <9105102589@arrakis.nl.mugnet.org> bert@arrakis.nl.mugnet.org (Bert Laverman) writes:
>In article <9852@star.cs.vu.nl>, gpvos@cs.vu.nl (Gerben 'P' Vos) wrote:
>> jhensley@isis.cs.du.edu (John 'Hawg' Hensley) writes:
>>> [ description of need for world-writable mboxes ]
>> Maybe you can apply the sticky directories patch and make /usr/spool/mail
>> sticky, so anyone can write and create files, but only the owner of a file
>> (and root) can remove it.
>> Would this work? Is this The Right Thing to do?
>It probably would work, but it's _not_ the way to go. /usr/bin/mail is
>(or should be) setuid root, and can therefore create and access all mailboxes
>without any problems. It also chowns them to their owner, so with -rw-------
>access, only the owner of a mailbox can read it.
>
My $0.02, I'd make it setgid mail. Then the mbox is
	user mail -rw-rw----
This would seem to be a little more secure than having /usr/bin/mail a
setuid root program. This is how it works on my Sys V R3.2 box.
--
Mike Dobson, Sys Admin for      | Internet: rdc30@nmrdc1.nmrdc.nnmc.navy.mil
nmrdc1.nmrdc.nnmc.navy.mil      | UUCP:     ...uunet!mimsy!nmrdc1!rdc30
AT&T 3B2/600G Sys V R 3.2.2     | BITNET:   dobson@usuhsb or nrd0mxd@vmnmdsc
WIN/TCP for 3B2                 | MCI-Mail: 377-2719 or 0003772719@mcimail.com
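
Added example, not part of the original post: a Python check that takes the mode, uid and gid of a mailbox, of the delivery program and of the spool directory, and reports where each deviates from the setgid-mail layout described in the thread (mailbox user:mail -rw-rw----, mailer setgid mail rather than setuid root). The function names, the gid value 8 for the mail group, and the requirement that the spool directory be group-writable by mail are assumptions.

```python
import stat

MAIL_GID = 8  # constructed value; the real gid comes from /etc/group

def audit_mailbox(mode, uid, gid, owner_uid, mail_gid=MAIL_GID):
    """Findings for one mailbox; expected: owner = user, group = mail, -rw-rw----."""
    findings = []
    perms = stat.S_IMODE(mode)
    if not stat.S_ISREG(mode):
        findings.append("not a regular file")
    if uid != owner_uid:
        findings.append("owned by wrong uid")
    if gid != mail_gid:
        findings.append("group is not mail")
    if perms & stat.S_IRWXO:
        findings.append("accessible to others")
    if (perms & 0o660) != 0o660:
        findings.append("owner or group lacks read/write")
    return findings

def audit_mailer(mode, uid, gid, mail_gid=MAIL_GID):
    """Findings for the delivery program (/usr/bin/mail in the thread)."""
    findings = []
    perms = stat.S_IMODE(mode)
    if (perms & stat.S_ISUID) and uid == 0:
        findings.append("setuid root")
    if not ((perms & stat.S_ISGID) and gid == mail_gid):
        findings.append("not setgid mail")
    if perms & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or others")
    return findings

def audit_spool_dir(mode, gid, mail_gid=MAIL_GID):
    """Findings for the spool directory (/usr/spool/mail in the thread)."""
    findings = []
    perms = stat.S_IMODE(mode)
    if perms & stat.S_IWOTH:
        sticky = "with" if perms & stat.S_ISVTX else "without"
        findings.append("world-writable " + sticky + " sticky bit")
    if gid != mail_gid or not (perms & stat.S_IWGRP):
        findings.append("mail group cannot create mailboxes")
    return findings
```

On a live system the arguments come from `os.stat()` on each path (`st_mode`, `st_uid`, `st_gid`).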