Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!decvax!wivax!linus!allegra!eagle!mhuxt!mhuxi!mhuxa!houxm!hou2b!wcs From: wcs@hou2b.UUCP Newsgroups: net.mail,net.unix-wizards Subject: Re: Mail Security and Locking Problems Message-ID: <22@hou2b.UUCP> Date: Thu, 2-Jun-83 19:06:24 EDT Article-I.D.: hou2b.22 Posted: Thu Jun 2 19:06:24 1983 Date-Received: Tue, 7-Jun-83 14:52:26 EDT References: utah-cs.1649 Lines: 23 Jay Lepreau points out that several programs under 4.1BSD create their lock files in /usr/spool/mail. This implies that the directory be writable, and hence I have a problem: I am running a fairly old copy of 4.1BSD, so maybe this has been fixed. When I send mail to "joe", and he doesn't have a /usr/spool/mail/joe file, it is created with MY userid and umask permissions. Thus, even if joe can read his mailfile, he probably can't write to it, and neither can anyone but myself. The main time this problem occurred was when joe read, and deleted, all his mail, and Mail deleted the mailfile for him. I had solved this by setting /usr/spool/mail to dr-xr-xr-x owned by root, and creating mailfiles for all my users with the appropriate ownership and permissions. This allowed them to modify, but not delete, their files, and it seemed to work fine. Do I now have to change this to allow lock files to be created, and has this problem been fixed already? Thanks; Bill Stewart BTL-HO x0705 hou2b!hoscf!bin or hou2b!hoscf!bill