Path: utzoo!utgpu!attcan!uunet!ncrlnk!ncrcae!hubcap!gatech!purdue!decwrl!pyramid!nsc!datack!altnet!ernie!peter
From: peter@ernie.NECAM.COM (Peter DiPrete)
Newsgroups: comp.unix.wizards
Subject: Nasty Security Hole?
Keywords: mail permissions security
Message-ID: <175@ernie.NECAM.COM>
Date: 9 Nov 88 06:32:42 GMT
Distribution: na
Organization: NEC America RATS, San Jose, CA
Lines: 37


I surprised myself last week when I creamed the mail directory on our LAN
composed of Sun 3/60's, Sun 4/280, and Vax 8250 running Ultrix 2.3. The
surprise was that I wanted to clean off some files on a diskless client.

I used an "rm -r" on a filesystem "above" /usr/spool/mail (i think it was
/usr/spool, but I forget now). I was su'd to root at the time so as to be
sure I cleaned up thoroughly. It worked. Too well. The surprise is that
the mail filesystem is nfs mounted from the vax and I was working from one of
the (diskful) 60's. Since I "knew" root was translated into "nobody" over
the net, I was a little careless in my use of commands (next time, I'll 
be sure to use "find . -xdev -exec rm {} \;").  I did not think that root ac
ross a NFS mount could do such damage (all mail  was lost!).

So I experimented a little and found out that *anyone* at *anytime* can
blow away *any mailbox* since the mail directory has liberal permissions.
I even tried various combinations of set{gu}id and sticky bits on the directory.
I met with no success.

Here's the question, since the mail directory *must* have liberal
permissions to allow any user access to his/her mailbox, how can I
protect people's files. Even if a file has permissions set to 000,
any other user can blow it away! Can I protect people's mail better than this?
Actually, what I'd *really* like to do is to put people's mail in their home
directory since that would make NFS mounting the mail partition unneccessary.

Thanks in advance for all the help I know will come of this,
Peter Di Prete
NEC America
408-922-3829
{sun, uunet!altnet}!ernie!peter

-- 
						Peter Di Prete @ NEC America
						408-922-3829
						sun!imagen!ernie!peter
						...!uunet!altnet!ernie!peter