Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbatt!cbuxc!cbuxb!cbrma!karl
From: karl@cbrma.UUCP
Newsgroups: comp.unix.questions
Subject: Re: keeping your mailbox secure, even with mailx
Message-ID: <5620@cbrma.att.com>
Date: Mon, 19-Jan-87 17:00:18 EST
Article-I.D.: cbrma.5620
Posted: Mon Jan 19 17:00:18 1987
Date-Received: Tue, 20-Jan-87 07:00:10 EST
References: <121@falkor.UUCP>
Organization: AT&T-BL, Columbus
Lines: 28
Summary: My machines don't have your problems

In article <121@falkor.UUCP> psc@lzaz.UUCP (Paul S. R. Chisholm) writes:
>As most people know, your mailbox (where incoming mail is stored before
>you read it, usually /usr/mail/$LOGNAME) is by default world readable.
>This has been very amusing to would-be hackers, and very embarrassing to
>couples sending each other electronic love notes.

I have just spent a few minutes and experimented with a herd of the
systems I have available to me here in my department.  In all cases,
my mailbox is created 0660 no matter whether I use mailx as a front
end, or just go straight for the gills with /bin/mail (actually
/bin/lmail, due to having installed smail).  The set of machines on
which I just tried this out includes:

	cbrma: VAX-11/780 SysV.0
	cbrmb: VAX-11/780 SysV.2.2
	cbrmc: PDP-11/70 SysIII
	cbrmd: PDP-11/70 SysV.0
	cbrme: 3b20 SysV.2.1
	cbstr1:3b15 SysV.2.1
	bacon: 3b2 SysV.2.0.4
	byron: 3b2 SysV.2.0.5

That list includes a couple of network-invisible machines.  I daresay
that it constitutes a representative sample of systems and software.
No such problems on any of them.  Has someone hacked up your software
locally?
-- 
Karl