> > NO WAY!!! Major security hole!
>
> Not if you make sure your mail clients don't delete empty mail boxes.
> Also, making sure no system id has mail delivered to it's mail box (use
> aliases) and there's no race conditions left to exploit.
Too many "if"'s and "make sure"'s. Better to minimise the number
of apps that can deliver mail to /var/mail, and ensure they use a
co-operating locking scheme. Most mailers these days can hand mail
over to a local delivery agent for writing to a users mailbox.
_That_ is Truth and Beauty :-)).
M
--
Mark Murray PGP key fingerprint = 80 36 6E 40 83 D6 8A 36
This .sig is umop ap!sdn. BC 06 EA 0E 7A F2 CE CE
