Re: Solaris /usr/bin/mailx exploit (SPARC)

From: Johann Klasek (bugtraqat_private)
Date: Tue May 15 2001 - 04:46:23 PDT


    On Mon, May 14, 2001 at 10:24:10AM +0200, Casper Dik wrote:
    > 
    > 
    > I'm not sure why all of the Solaris mail programs are actually set-gid 
    > mail.
    > 
    > If you strip set-gid mail from /usr/bin/mail, /usr/bin/mailx, 
    > /usr/SUNWale/bin/mailx, /usr/dt/bin/dtmail, /usr/dt/bin/dtmailpr,
    > /usr/openwin/bin/mailtool nothing should break.
    > 
    > (At least not if your /var/mail directory has the standard 1777 permissions)
    > 
    > 
    > By forcing a file permission of 600 on mailboxes, group mail should not
    > gain you anything.
    
    To correct slightly the picture of a set-gid mail environment: 
    
    set-gid has nothing to do with writing the inbox. In the old days
    (without today's 1000 permission) it was the only method to allow mail
    clients to create .lock files and the inbox file itself in
    /var/spool/mail. It was never necessary to make the inbox writable for
    group "mail" (of course, probably not true in very old System 7
    environments). Therefore, a 600 permission does NOT imply an
    unnecessary group mail setup. The delivery into a mailbox is
    accomplished with user (inbox owner) permission (derived from the
    set-uid root MTA).
    
    J.K.
    
    
    -- 
    Johann E. Klasek   Central Technology Services, Dept. Communication
    Vienna University of Technology              Tel: +43 1 58801-42049
    PGP Key jklasek: http://pgpkeys.tuwien.ac.at:11371/
    



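An audit of the permissions discussed in this thread, as an added example that is not part of either message: it reports which mail clients still carry set-gid and whether the spool is 1777 with mode-600 mailboxes. The function names, the SPOOL variable and the use of a POSIX find(1) with -H are assumptions of this sketch; the client paths are the ones listed in the quoted message.

```shell
#!/bin/sh
# Added example: audit the permissions discussed in the thread above.
# Assumes a POSIX find(1) with -H, -prune and -perm.

# perm_all PATH BITS: true if every bit in BITS is set on PATH.
perm_all() { [ -n "$(find -H "$1" -prune -perm "-$2" 2>/dev/null)" ]; }

# perm_is PATH MODE: true if PATH's mode is exactly MODE.
perm_is() { [ -n "$(find -H "$1" -prune -perm "$2" 2>/dev/null)" ]; }

# audit_clients FILE...: report each existing file that carries set-gid,
# with the group it would run as (field 4 of ls -ldL).
audit_clients() {
    for f in "$@"; do
        [ -f "$f" ] || continue
        if perm_all "$f" 2000; then
            grp=$(ls -ldL "$f" | awk '{print $4}')
            echo "SETGID $f group=$grp"
        fi
    done
}

# audit_spool DIR: the spool should be 1777 and each mailbox 600.
audit_spool() {
    if perm_is "$1" 1777; then
        echo "OK $1 is 1777"
    else
        echo "WARN $1 is not 1777"
    fi
    for mbox in "$1"/*; do
        [ -f "$mbox" ] || continue
        perm_is "$mbox" 600 || echo "WARN $mbox is not 600"
    done
}

# Client paths are the ones listed in the quoted message; the spool
# defaults to /var/mail and can be overridden with SPOOL.
audit_clients /usr/bin/mail /usr/bin/mailx /usr/SUNWale/bin/mailx \
    /usr/dt/bin/dtmail /usr/dt/bin/dtmailpr /usr/openwin/bin/mailtool
audit_spool "${SPOOL:-/var/mail}"
```

Run it before and after stripping set-gid from the clients; a client that then fails to create its lock file points at a spool directory that is not world-writable with the sticky bit.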