Path: utzoo!utgpu!utstat!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!cs.utexas.edu!ut-emx!dlnash
From: dlnash@ut-emx.UUCP (Donald L. Nash)
Newsgroups: comp.unix.aux
Subject: Re: A/UX Mail files
Summary: Apple did it wrong
Keywords: permissions, mail
Message-ID: <10131@ut-emx.UUCP>
Date: 2 Feb 89 22:51:42 GMT
References: <289@berlin.acss.umn.edu> <981@riddle.UUCP>
Organization: The University of Texas at Austin, Austin, Texas
Lines: 62

In article <981@riddle.UUCP>, domo@riddle.UUCP (Dominic Dunlop) writes:
> In article <289@berlin.acss.umn.edu> grg@berlin.acss.umn.edu
> 	(George Gonzalez) writes:
> >
> >  I have a question for you A/UX gurus.  On our A/UX system all the mail
> >files have too many permissions: i.e.:
> >
> >-rw-rw----  gus
> >-rw-rw----  harry
> >
> >We'd rather have the files be -rw-------, i.e. only accessible by the owner.
> >
> >Don't suggest chmod 600 *, as the mail file gets deleted when you read all
> >your mail; when recreated it gets -rw-rw----- mode again.
> 
> BEWARE!  I'd be almost certain that the group to which the files belong is
> the mail group -- a group to which no user should be allowed to change, and

Dominic goes on to describe how the mail stuff should all be in the group mail
and that the executables should be set-gid.  Well, I checked out how things
are done under A/UX and it is wrong.  /bin/mail is set-Uid root, /usr/mail is
in group bin, and /usr/lib/mailx/rmmail is set-Gid bin.  What follows are two
shell scripts, one to make things like they should be and one to put them back
the way they were.  When these changes are made, the mail files in /usr/mail
have permissions of -rw-rw---- and are in the group mail.  All of the
executables which manipulate the mail files are set-gid mail.  I have tested
this arrangement and it worked for me.  I made sure that I was not root when
I made the tests.

				Donald L. Nash

The University of Texas System		SMTP: dlnash@emx.utexas.edu
Office of Telecommunication Services	UUCP: ...!emx!dlnash

------------------------------cut here------------------------------
#
#   The following changes should be made to the mail subsystem to fix a
#   security hole:
#
chgrp mail /bin/mail			# was in group root
chmod 2755 /bin/mail			# was 4755
chgrp mail /usr/mail			# was in group bin
chgrp mail /usr/lib/mailx/rmmail	# was in group bin

------------------------------cut here------------------------------
#
#   The following changes were made to the mail subsystem to fix a security
#   hole:
#
#	chgrp mail /bin/mail			# was in group root
#	chmod 2755 /bin/mail			# was 4755
#	chgrp mail /usr/mail			# was in group bin
#	chgrp mail /usr/lib/mailx/rmmail	# was in group bin
#
#   The following script will return things to what they were before:
#
chgrp root /bin/mail
chmod 4755 /bin/mail
chgrp bin /usr/mail
chgrp bin /usr/lib/mailx/rmmail

---------------------------------end--------------------------------