On Mon, 17 Jul 2000, T&B wrote:

> It seems that imapd uses temp files to facilitate such multiple
> access. The problem was, however, that macbsd "ships" with the
> /tmp and /var/tmp directories with no write access for anyone
> except root.

How did you install the sets? The installer/sysinstall gets the
permissions right, but if you use "pax" or "tar", you'd need to use
the appropiate options (-pe for pax, -p for tar).

> I am a bit of a novice at this unix and macbsd stuff (can you
> tell? ;-) By giving everyone access to the tmp directories,
> doesn't that allow user a to read user b's tmp files?

Not necessarily. Read access to a directory means that the files in it
can be listed, not read. The file's permissions decide whether a file
can be read. The real problem with chmod 777 is that files in the
directory can be deleted or renamed by anyone. Better than chmod 777,
/tmp and /var/tmp ship chmod 1777, that is, with the sticky bit set.
This limits users to deleting only the files in that directory of
which they are owner.


Frederick