The fix for CVE-2010-2023 disables delivery to files with more
than one link (or fewer?).
For a shared mail directory this is clearly a good thing.
However I have been bitten by this when my .forward file requests
a message be saved to a multiply linked file in my personal mail
directory.
I often have multiple names for a mail folder (though more for
use from my MUA than from my .forward) and appendfile doesn't
allow delivery to a symbolic link (at least by default - there is
the private option allow_symlink). With this change it doesn't deliver
to a hard-linked folder either, which means that the user has to
specify the unique real name of a folder in any .forward file.
Is there a case for a patch to allow delivery to multiply-linked
folders when the permissions on the parent directory preclude
the possibly of the attack in CVE-2010-2023 ?
I presume that all of the sticky bits, plus group and other write
bits clear would be sufficient ?
(At least on systems which forbid hardlinked directories
I think we are safe to assume that the parent directory is the
one that could be vunerable to attack ?)
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@??? http://www.dpmms.cam.ac.uk/~werdna
