/var/mail question

Daniel Bye dan at slightlystrange.org
Mon Jul 7 09:06:23 PDT 2003


On Mon, Jul 07, 2003 at 11:59:51AM -0400, quadrant wrote:
> I was temporarily using pine to retrieve my email, and upon exiting the
> program, pine notified me that the /var/mail directory was
> vulnerable, and advised a chmod 1777 of such. The default is 775.
> What are the implications of this, and won't 1777 make the folder more
> vulnerable? My understanding was that if the SUID bit is turned
> on for either U, G or O, that security is more at risk. Please
> let me know what I should do...
> Thanks,
> Eric

chmod 1777 turns on the sticky bit, as well as giving rwx permissions for
all.  This is the same as, for example, /tmp.

The sticky bit tells the system to allow only the owner of a file to unlink
that file.  That is, although any user can create a file, only the user that
created it may unlink it.

With the default mode of 0775, any member of the group owner of the
directory could delete files.  However, provided you only have trusted users
in that group, it shouldn't be a problem.  I have never seen such warnings,
so have never given it any thought.

Dan

-- 
Daniel Bye

PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc
PGP Key fingerprint: 3B9D 8BBB EB03 BA83 5DB4 3B88 86FC F03A 90A1 BE8F
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \
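
Added example (not part of the original message): a small Python check that decodes a directory mode such as the 0775 and 1777 discussed above, names the special bit in the leading octal digit (setuid, setgid or sticky), and reports which classes of user can create entries and which can unlink files they do not own. The function names are hypothetical, and the demo runs on constructed scratch directories rather than the real /var/mail.

```python
import os
import stat
import tempfile

# Leading octal digit of a mode: 4 = setuid, 2 = setgid, 1 = sticky.
SPECIAL_BITS = (
    (stat.S_ISUID, "setuid"),
    (stat.S_ISGID, "setgid"),
    (stat.S_ISVTX, "sticky"),
)


def audit_dir_mode(mode):
    """Summarise who can create entries in a directory and who can unlink others' files."""
    perms = stat.S_IMODE(mode)
    special = [name for bit, name in SPECIAL_BITS if perms & bit]
    # Creating or unlinking an entry needs both write and search (w and x).
    group_wx = (perms & 0o030) == 0o030
    other_wx = (perms & 0o003) == 0o003
    can_create = ["owner"]
    if group_wx:
        can_create.append("group")
    if other_wx:
        can_create.append("other")
    # With the sticky bit set, an entry can be unlinked or renamed only by the
    # file's owner (the directory's owner and root may as well). Without it,
    # every class that can write to the directory can remove any file in it.
    if perms & stat.S_ISVTX:
        can_unlink_others = []
    else:
        can_unlink_others = [c for c in can_create if c != "owner"]
    return {
        "octal": format(perms, "04o"),
        "special": special,
        "can_create": can_create,
        "can_unlink_others": can_unlink_others,
    }


def demo():
    """Apply both modes from the thread to constructed scratch directories."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        for mode in (0o775, 0o1777):
            path = os.path.join(root, format(mode, "o"))
            os.mkdir(path)
            os.chmod(path, mode)  # chmod is not affected by the umask
            results[format(mode, "04o")] = audit_dir_mode(os.stat(path).st_mode)
    return results


if __name__ == "__main__":
    for octal, report in demo().items():
        print(octal, report)
```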