Casper Dik <Casper.Dikat_private> writes: > I'm not sure why all of the Solaris mail programs are actually set-gid > mail. > > If you strip set-gid mail from /usr/bin/mail,, /usr/bin/mailx, > /usr/SUNWale/bin/mailx, /usr/dt/bin/dtmail, /usr/dt/bin/dtmailpr, > /usr/openwin/bin/mailtool nothing should break. > > (At least not if you /var/mail directory has the standard 1777 permissions) > > By forcing a file permission of 600 on mailboxes, group mail should not > gain you anything. Just how do you force 0600 on mailboxes which don't exist (many MUAs remove empty mailboxes?) Since you cannot easily do this, at the very least a malicious user should be able to steal other users' mail. I think. -- Andrew Hilborne
This archive was generated by hypermail 2b30 : Tue May 15 2001 - 13:18:21 PDT