Re: Local delivery problems on FreeBSD

Author: Mark Murray
Date:  
To: Philip Hazel
CC: Mark Murray, Chris Thompson, exim-users
Subject: Re: Local delivery problems on FreeBSD
Philip Hazel wrote:
> On Thu, 28 Nov 1996, Mark Murray wrote:
>
> > If the file is removed (and the thread of the discussion is that
> > mode 1777 mailspools are _evil_, remember), John Q Hacker can deny
> > you mail by doing "touch /var/mail/yourname". Most mailers are paid
> > to deliver mail seteuid to the user being delivered to, and will
> > break _horribly_ in this case.
>
> At least Exim doesn't, I hope. If the file owner is wrong, it will
> freeze the message on the queue. This should bring the situation to the
> postmaster's attention.


...and in the meanwhile your poor user is not receiving mail. This is
the whole argument for mode 755 or 775 mailspool dirs.


This is too easy for the casual cracker/crasher:

#!/bin/sh
cd /var/mail  #...where /var/mail is mode 1777
for i in `awk -F: '{print $1}' /etc/passwd` ; do
    touch $i
done


...and let the poor mail administrator sort out the mess and full
mail spool when he gets back in on Monday.

M
--
Mark Murray                PGP key fingerprint = 80 36 6E 40 83 D6 8A 36
This .sig is umop ap!sdn.                        BC 06 EA 0E 7A F2 CE CE
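
Added example, not part of the original message or of Exim: a spool audit for the condition discussed in this thread, flagging a world-writable spool directory and mailbox files whose owner does not match the user they are named after. It assumes one mailbox file per user, named after the user; the function names and the demo directory are constructed for illustration.

```shell
#!/bin/sh
# Audit a mail spool: world-writable directory, and mailboxes owned by
# someone other than the user the file is named after.

# Print the owner name of a path (ls is used so this works on GNU and BSD).
owner_of() {
    ls -ld "$1" | awk '{print $3}'
}

# Succeed if "other" has write permission on the directory (e.g. mode 1777).
is_world_writable() {
    perms=$(ls -ld "$1" | awk '{print $1}')
    case "$perms" in
        d???????w*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print "name owner" for each mailbox whose owner differs from its name.
# Lock files and non-regular files are skipped.
mismatched_mailboxes() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case "$name" in *.lock) continue ;; esac
        owner=$(owner_of "$f")
        [ "$owner" = "$name" ] || printf '%s %s\n' "$name" "$owner"
    done
}

audit_spool() {
    is_world_writable "$1" && echo "WARN: $1 is world-writable"
    mismatched_mailboxes "$1" | while read -r name owner; do
        echo "WARN: mailbox $name is owned by $owner"
    done
}

# Constructed demo: a temporary 1777 "spool" holding one correctly owned
# mailbox and one file created under another (made-up) user's name.
demo_dir=$(mktemp -d)
chmod 1777 "$demo_dir"
me=$(owner_of "$demo_dir")
touch "$demo_dir/$me" "$demo_dir/example-victim"
audit_spool "$demo_dir"
rm -rf "$demo_dir"
```

On a real system the call would be `audit_spool /var/mail`, run periodically so that wrongly owned mailboxes are found before messages pile up frozen on the queue.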