[tpop3d-discuss] tpop3d, sendmail and owner of mailbox

Ben Schumacher ben at blahr.com
Wed, 14 Nov 2001 12:23:18 -0700 (MST)


My two cents. Mailboxes in the home directory of the user. Best of both
worlds (sort of). You don't need to have any one directory with weird
permissions, be it 1777 or g+w. Which, of course, is the same argument for
maildirs. Dot-locking still sucks though. I don't see why it's
needed. Trying to use mbox files over an NFS link is just asking for
trouble anyhow.

Regardless, if you have a poorly configured machine then users can fill up
any number of partitions any number of ways.

Just felt like entering the discussion.

Ben

On Wed, 14 Nov 2001, Chris Elsworth wrote:
> On Wed, Nov 14, 2001 at 09:51:47AM +0000, Chris Lightfoot wrote:
> 
> > The reason that mail-group can be chosen in the above way
> > is that on some systems, /var/spool/mail is group mail,
> > g+w, so that a program needs to be setgid mail to write a
> > lock file. On other systems, /var/spool/mail is 1777, a
> > far more sensible default, and anyone can write a lock
> > file into /var/spool/mail.
> 
> Not to start an argument or anything, but I share the view that the only 
> mode 1777 directory on the entire system should be /tmp.
> 
> Any mode 1777 directory has the potential of being filled up (by anyone 
> who wants to), thus rendering the partition useless for valid applications 
> - I could fill up the drive with any old file in /var/spool/mail if it's 
> mode 1777, and from that point on, nobody gets any mail.
> 
> Group mail, and g+w, is, in my opinion, the more sensible protection 
> scheme. Opinions will vary :)
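
The two spool layouts argued over in this thread (1777 versus group mail with g+w) can be told apart from the directory's mode bits. The sketch below is an added example, not code from tpop3d or from any poster. The function names, the `mail_gid` parameter and the throwaway directories are assumptions made for illustration.

```python
import os
import stat
import tempfile


def classify_spool(path, mail_gid):
    """Classify a mail spool directory by who may create lock files in it.

    mail_gid is the numeric gid of the site's mail group (an assumption
    supplied by the caller; look it up with grp.getgrnam on a real host).
    """
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    world_w = bool(mode & stat.S_IWOTH)
    group_w = bool(mode & stat.S_IWGRP)
    sticky = bool(mode & stat.S_ISVTX)

    if world_w and sticky:
        # 1777: anyone can drop a lock file, and any other file too.
        return "sticky-world-writable", "any local user"
    if world_w:
        # No sticky bit: users can remove each other's mailboxes and locks.
        return "world-writable-no-sticky", "any local user"
    if group_w and st.st_gid == mail_gid:
        # g+w, group mail: a locker must run with the mail group (setgid mail).
        return "group-mail-writable", "processes in the mail group"
    if group_w:
        return "group-writable-other-group", "members of gid %d" % st.st_gid
    return "owner-only", "the directory owner and root"


def demo():
    """Build throwaway directories (constructed sample input) and classify them."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        for name, mode in [("spool_1777", 0o1777), ("spool_gw", 0o775),
                           ("spool_777", 0o777), ("spool_755", 0o755)]:
            path = os.path.join(base, name)
            os.mkdir(path)
            os.chmod(path, mode)  # chmod after mkdir so umask does not interfere
            # Treat the directory's own group as "mail" for this demo only.
            mail_gid = os.stat(path).st_gid
            results[name] = classify_spool(path, mail_gid)
    return results


if __name__ == "__main__":
    for name, (scheme, who) in demo().items():
        print(f"{name}: {scheme}; lock files can be created by {who}")
```

On a real host, pass the actual spool path and the gid of the local mail group. The classification reads mode bits only and does not account for ACLs or quotas.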