/usr/spool/mail: 0777 or 0755? - (nf)
jab at uokvax.UUCP
jab at uokvax.UUCP
Thu Feb 23 14:13:22 AEST 1984
#R:yale-com:-292600:uokvax:6200020:000:415
uokvax!jab Feb 18 09:18:00 1984
If /usr/spool/mail (/usr/mail on System V) is writable, then people can remove
other people's mailboxes. Admittedly, the "sticky directory" idea that is in
one of the Berkeley systems (i.e. "+t" on directory means you can only unlink
files that you own) helps this.
I would hope that people on your system aren't malicious enough to do this, but
an accidental "rm -f" in the wrong directory can do wonders.
Jeff
More information about the Comp.unix.wizards
mailing list