Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!bloom-beacon!shelby!csli!carl
From: carl@csli.Stanford.EDU (Carl Schaefer)
Newsgroups: gnu.emacs
Subject: Re: etc/movemail
Message-ID: <8882@csli.Stanford.EDU>
Date: 9 May 89 00:06:11 GMT
References: <8905041550.AA12989@galaxy.compass.com> <527@talos.UUCP>
Sender: carl@csli.Stanford.EDU (Carl Schaefer)
Reply-To: carl@csli.stanford.edu (Carl Schaefer)
Distribution: gnu
Organization: Center for the Study of Language and Information, Stanford U.
Lines: 20

In article <527@talos.UUCP> kjones@talos.UUCP (Kyle Jones) writes:
>For those running systems that support the concept of sticky directories
>I recommend making your mail spool mode 1777. etc/movemail then need
>not be setuid or setgid.

A world-writable /usr/spool/mail allows mischief of the form:

badguy> touch /usr/spool/mail/goodguy
badguy> chmod a+rw /usr/spool/mail/goodguy

Mail delivered to goodguy is now accessible to anyone. Alternatively,
badguy can cause mail to goodguy to bounce with 'chmod 0'. Sticky
directories have their uses, but they don't provide adequate protection
for a world-writable mail spool.

Carl
--
Carl Schaefer
carl@csli.stanford.edu
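
A spool audit for the two conditions described in the post above (added example, not part of the original article): it flags mailboxes not owned by the account they are named for, mailboxes open to other users, and mailboxes whose owner bits have been removed. The function names, the sample accounts and the one-file-per-login-name spool layout are assumptions.

```python
import os
import pwd
import stat
import tempfile

def passwd_uid(name):
    """uid for a login name, or None if the account does not exist."""
    try:
        return pwd.getpwnam(name).pw_uid
    except KeyError:
        return None

def audit_spool(spool_dir, uid_of=passwd_uid):
    """Return sorted (name, problem) pairs for a one-mailbox-per-user spool."""
    findings = []
    if os.stat(spool_dir).st_mode & stat.S_IWOTH:
        findings.append((".", "world-writable spool"))
    for entry in os.scandir(spool_dir):
        st = entry.stat(follow_symlinks=False)
        if not stat.S_ISREG(st.st_mode):
            findings.append((entry.name, "not a regular file"))
            continue
        want = uid_of(entry.name)
        if want is None:
            findings.append((entry.name, "no matching account"))
        elif st.st_uid != want:
            # Pre-created mailbox: owned by someone other than the recipient.
            findings.append((entry.name, "wrong owner"))
        mode = stat.S_IMODE(st.st_mode)
        if mode & 0o007:
            findings.append((entry.name, "open to others"))
        if mode & 0o600 != 0o600:  # the 'chmod 0' case
            findings.append((entry.name, "owner cannot read/write"))
    return sorted(findings)

def demo():
    """Constructed spool: three mailboxes in a mode-1777 temp directory."""
    me = os.getuid()
    accounts = {"goodguy": me + 1, "bounced": me, "fine": me}  # made-up accounts
    with tempfile.TemporaryDirectory() as spool:
        os.chmod(spool, 0o1777)
        for name, mode in (("goodguy", 0o666), ("bounced", 0o000), ("fine", 0o600)):
            path = os.path.join(spool, name)
            open(path, "w").close()
            os.chmod(path, mode)
        return audit_spool(spool, accounts.get)

if __name__ == "__main__":
    for name, problem in demo():
        print(f"{name}: {problem}")
```

Lock files or other non-mailbox entries in a real spool show up as "no matching account" and need to be filtered by local convention.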