Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site linus.UUCP
Path: utzoo!linus!smk
From: smk@linus.UUCP (Steven M. Kramer)
Newsgroups: net.unix-wizards
Subject: Re: Mail security
Message-ID: <26886@linus.UUCP>
Date: Wed, 15-Jun-83 08:00:04 EDT
Article-I.D.: linus.26886
Posted: Wed Jun 15 08:00:04 1983
Date-Received: Thu, 16-Jun-83 06:42:47 EDT
References: <2095@sri-arpa.UUCP>
Organization: MITRE Corp., Bedford MA
Lines: 13

I was going to stay out of this argument, but now I can't resist.
The 'readability' of a mail file is a compromise of security (if
such things are security-relevant things on your system). The
ability of someone to rm the mail file is not a loss of security
but rather a loss of data integrity. To fix the security problem --
make MAILMODE ~600. To fix the integrity problem, make the mail dir
755 (root) and define the thing that doesn't remove mail when all read
(because ucbmail is not setuid).
--
--steve kramer
	{allegra,genrad,ihnp4,utzoo,philabs,uw-beaver}!linus!smk	(UUCP)
	linus!smk@mitre-bedford					(ARPA)
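
An added example, not part of the original post: a Python audit of a mail spool directory against the two settings the post names. It reports group/other-readable mailboxes as confidentiality findings, and a group/other-writable or wrongly owned directory as integrity findings. The function name audit_spool, the spool path passed in and the dir_owner_uid parameter are assumptions of this example.

```python
import os
import stat


def audit_spool(spool_dir, dir_owner_uid=0):
    """Return a list of (kind, path, detail) findings for a mail spool.

    kind is "confidentiality" when a mailbox can be read by someone other
    than its owner, and "integrity" when the permissions let someone other
    than the owner modify or remove mail. dir_owner_uid is the uid expected
    to own the spool directory (0, i.e. root, as in the post).
    """
    findings = []
    dst = os.lstat(spool_dir)
    if not stat.S_ISDIR(dst.st_mode):
        raise NotADirectoryError(spool_dir)

    # Permission to remove a file comes from the directory, not the file:
    # the post's fix is a root-owned directory with mode 755.
    dmode = stat.S_IMODE(dst.st_mode)
    if dmode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(("integrity", spool_dir,
                         f"directory mode {dmode:04o} is group/other-writable"))
    if dst.st_uid != dir_owner_uid:
        findings.append(("integrity", spool_dir,
                         f"directory owned by uid {dst.st_uid}, "
                         f"expected {dir_owner_uid}"))

    for entry in sorted(os.scandir(spool_dir), key=lambda e: e.name):
        est = entry.stat(follow_symlinks=False)
        if not stat.S_ISREG(est.st_mode):
            continue  # this example only audits regular mailbox files
        fmode = stat.S_IMODE(est.st_mode)
        # Read bits for group/other expose the mail's contents.
        if fmode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append(("confidentiality", entry.path,
                             f"mailbox mode {fmode:04o} is readable by others"))
        # Write bits for group/other let others alter the mail in place.
        if fmode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(("integrity", entry.path,
                             f"mailbox mode {fmode:04o} is writable by others"))
    return findings


if __name__ == "__main__":
    import sys
    for kind, path, detail in audit_spool(sys.argv[1]):
        print(f"{kind}: {path}: {detail}")
```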