Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site watmath.UUCP
Path: utzoo!watmath!bstempleton
From: bstempleton@watmath.UUCP (Brad Templeton)
Newsgroups: net.unix-wizards
Subject: Re: Mail security
Message-ID: <5392@watmath.UUCP>
Date: Mon, 13-Jun-83 03:46:00 EDT
Article-I.D.: watmath.5392
Posted: Mon Jun 13 03:46:00 1983
Date-Received: Mon, 13-Jun-83 04:46:28 EDT
References: <2017@sri-arpa.UUCP>
Organization: U of Waterloo, Ontario
Lines: 23

Come on, guys. Mail security is not hard at all.

First of all, ignore that /bin/mail calls delivermail calls /bin/mail -d.
This is a kludge of a high order, although not hard to get around, since
you just have to split the two programs.

Delivermail gets no powers. You give the delivery programs the power.
This includes something like /bin/mail -d and uux (on our system uucp is
secure) etc.

Now, if you leave /usr/spool/mail writable so mailers can release
mailboxes, you are of course leaving lots of holes. If, however, you
secure it and write a small utility suid to the owner of /usr/spool/mail
that will release the mailbox of getuid() then mailers can call this.

Voila, you are secure. There is no need to have group permissions or
anything else as I see it.

Mind you, why not put the mailbox in the user's directory (perhaps in a
system-files directory if we can ever get one going) and avoid any
problems you imagine.

--
Brad Templeton - Waterloo, Ont. (519) 886-7304
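
The release utility described in the post above, sketched in C as an added example; it is not code from the post or from any mailer of the period. It assumes that "release" means removing the caller's own mailbox file, that mailboxes are named after the login name and owned by their user, and that the binary is installed setuid to the owner of /usr/spool/mail; the name release_mailbox is hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define SPOOL "/usr/spool/mail" /* spool directory named in the post */

/* Hypothetical helper: remove spool/name if it is a regular file owned by
 * uid. Returns 0 on success, -1 on refusal or error. */
int release_mailbox(const char *spool, const char *name, uid_t uid)
{
    char path[1024];
    struct stat st;
    int n;

    /* name comes from the password database, never from argv; still refuse
     * anything that could point outside the spool directory. */
    if (name[0] == '\0' || name[0] == '.' || strchr(name, '/') != NULL)
        return -1;
    n = snprintf(path, sizeof path, "%s/%s", spool, name);
    if (n < 0 || (size_t)n >= sizeof path)
        return -1;
    /* lstat, not stat: a symlink planted under that name is refused. */
    if (lstat(path, &st) != 0)
        return -1;
    /* Assumption: mailboxes are plain files owned by their user. */
    if (!S_ISREG(st.st_mode) || st.st_uid != uid || st.st_nlink != 1)
        return -1;
    return unlink(path);
}

int main(void)
{
    uid_t uid = getuid(); /* real uid = the caller; euid = spool owner */
    struct passwd *pw = getpwuid(uid);

    if (pw == NULL || release_mailbox(SPOOL, pw->pw_name, uid) != 0) {
        fprintf(stderr, "release: cannot release mailbox for uid %ld\n", (long)uid);
        return 1;
    }
    return 0;
}
```

The utility takes no arguments: the only input an unprivileged caller controls is its own real uid, so it cannot be pointed at another user's mailbox.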