Subject: Re: /var/mail permissions...
To: None <current-users@NetBSD.ORG>
From: Patrick Welche <prlw1@cam.ac.uk>
List: current-users
Date: 05/24/1997 22:30:36
Erik E. Fair wrote:
>
> At 9:44 -0700 5/24/97, Peter Seebach wrote:
> >AFAICT, if you install NetBSD from scratch, non-root users can no
> >longer run mail correctly, because mail will always fail to lock
> >the mailbox, because /var/mail is not writeable by it.
> >
> >While the security problem here is obvious, is there any reason
> >mail isn't being changed to adapt?
> >
> >-s
>
> We need to be consistent about system mailbox locking. If we want to use
> link ('dot') locking, then the directory has to be writable by mere mortals
> (and we gotta modify the mtree stuff). If we decide that flock(2) is The
> Way, then the permissions that /var/mail comes with are just fine, since
> only mail.local will be creating files in there. Just using flock(2) will
> mean that locking won't work on NFS'd /var/mail partitions, but NFS-based
> locks never did work anyway, so only very foolish people actually NFS their
> /var/mail partitions...
>
> I personally recommend that we just use flock(2), and DOCUMENT that we do so.
>
> Either way, Mail(1) needs to be fixed.
>
> Erik
>
>
>
Not that I understand the problem, but quoting from the exim manual:
"Exim makes use of the fcntl() system call when locking files."
[...]
"Others who know more about these things and I [Dr Hazel] do support
the view that, as flock() is obsolescent," (...there will be no support
for linux dbm functions that use flock()...)"
Cheers,
Patrick
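
Added example, not part of the original thread or of NetBSD's mail code: the two locking styles discussed above, run against a constructed spool directory that, like the /var/mail described, the user cannot write to. The temporary directory and the function names dot_lock, flock_lock and make_spool are assumptions made for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <unistd.h>

/* Dot lock: create <mbox>.lock in the spool dir. Returns 0 or errno (EACCES, EEXIST). */
static int dot_lock(const char *mbox)
{
    char lock[4096];
    snprintf(lock, sizeof lock, "%s.lock", mbox);
    int fd = open(lock, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return errno;
    close(fd);
    return 0;
}

/* flock(2): needs only the existing mailbox. Returns locked fd, or -1 with errno set. */
static int flock_lock(const char *mbox)
{
    int fd = open(mbox, O_RDWR);
    if (fd >= 0 && flock(fd, LOCK_EX | LOCK_NB) < 0) {
        int e = errno; close(fd); errno = e;   /* keep flock's errno */
        return -1;
    }
    return fd;
}

/* Constructed spool: temp dir holding one mailbox, then directory write bit removed. */
static int make_spool(char *dir, char *mbox, size_t n)
{
    if (!mkdtemp(dir)) return -1;
    snprintf(mbox, n, "%s/user", dir);
    int fd = open(mbox, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    close(fd);
    return chmod(dir, 0555);
}

int main(void)
{
    char dir[] = "/tmp/spoolXXXXXX", mbox[4096];   /* left in /tmp for inspection */
    if (make_spool(dir, mbox, sizeof mbox) != 0) return 1;
    int rc = dot_lock(mbox), fd = flock_lock(mbox);
    printf("dot lock errno=%d, flock fd=%d\n", rc, fd);
    return 0;
}
```

Run unprivileged, the dot lock fails with EACCES while flock(2) succeeds on the same mailbox; root bypasses the directory permission check, so as root both succeed.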