• Next message: hodgen@infko.uni-koblenz.de: "Re: X8514 server update available?"
• Previous message: Bernd Lindner: "Help requested on booting linux on a PC with a SCSI disk."
• Next in thread: Steve M. Robbins: "Re: Any mail or fakemail available for linux ?"
• Maybe reply: Steve M. Robbins: "Re: Any mail or fakemail available for linux ?"
• Maybe reply: Ed Carp: "Re: Any mail or fakemail available for linux ?"
• Maybe reply: Todd Radel: "Re: Any mail or fakemail available for linux ?"
• Reply: Todd Radel: "Re: Any mail or fakemail available for linux ?"
• Reply: Steve M. Robbins: "Re: Any mail or fakemail available for linux ?"
• Reply: Eric Backus: "Re: Any mail or fakemail available for linux ?"
• Reply: Linus Torvalds: "Re: Any mail or fakemail available for linux ?"
• Reply: Zeyd M. Ben-Halim: "Re: Any mail or fakemail available for linux ?"
• Reply: Joel M. Hoffman: "Re: Any mail or fakemail available for linux ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

From: duncan@erim.org (Robert Duncan)
Subject: Any mail or fakemail available for linux ?
Date: Fri, 16 Oct 1992 21:17:48 GMT

| The /var/spool/mail directory on our SPARCserver clusters is also 1777.
| It's not much of a security hole as long as a mailbox exists for each
| user that is at least length 0 and is chmod'ed 600.
|
| Assuming the above holds true, nobody can delete, read, or write to other
| people's mailboxes. All you could do is create a new file in the directory,
| which doesn't seem to be very harmful...

The problem is that someone could write a large enough file to fill
up the partition, thus keeping any new mail from being stored there.

 Robert H. Duncan
 Environmental Research Institute of Michigan
 PO Box 134001 Ann Arbor, MI 48113-4001 taysar!rob
 (313)994-1200 x2880 Internet: duncan@erim.org rob@taysar.mi.org

• Next message: hodgen@infko.uni-koblenz.de: "Re: X8514 server update available?"
• Previous message: Bernd Lindner: "Help requested on booting linux on a PC with a SCSI disk."
• Next in thread: Steve M. Robbins: "Re: Any mail or fakemail available for linux ?"
• Maybe reply: Steve M. Robbins: "Re: Any mail or fakemail available for linux ?"
• Maybe reply: Ed Carp: "Re: Any mail or fakemail available for linux ?"
• Maybe reply: Todd Radel: "Re: Any mail or fakemail available for linux ?"
• Reply: Todd Radel: "Re: Any mail or fakemail available for linux ?"
• Reply: Steve M. Robbins: "Re: Any mail or fakemail available for linux ?"
• Reply: Eric Backus: "Re: Any mail or fakemail available for linux ?"
• Reply: Linus Torvalds: "Re: Any mail or fakemail available for linux ?"
• Reply: Zeyd M. Ben-Halim: "Re: Any mail or fakemail available for linux ?"
• Reply: Joel M. Hoffman: "Re: Any mail or fakemail available for linux ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]