Re: [SLUG] "1777" protection in Pine?

From: John Kiolbasa (john@kiolbasa.net)
Date: Tue Mar 23 2004 - 13:03:22 EST


Steven Buehler wrote:

>>>I'm getting an interesting message in Pine:
>>>
>>>"Folder vulnerable - Directory /var/spool/mail must have 1777
>>>protection"
>>>
>>>Any ideas? I do have an imap/pop server running (v. 2002d of the
>>>Washington U. imapd) and from when this started appearing I assume it
>>>has something to do with that.
>>
>>Looks like a permission value to me (chmod 1777 blah), but I'm not quite
>>sure why you'd *want* /var/spool/mail to have those permissions. Maybe
>>it's warning you that it's world-readable?
>
>
> The current permissions:
> drwxrwsr-x 2 root mail 72 Feb 10 17:59 mail/
>
> However, '1777' is not a valid permission (they are only supposed to be
> three digits, correct; owner, group, rest of world?), unless the '1' means
> 'directory'.
>

As I understand it, 1777 is valid, the 1 is the "sticky" flag. It
prevents a file from being deletable by someone other than the file
owner or directory owner. Otherwise, in a world-writeable directory,
someone else could delete your mail spool. Check man chmod to be sure,
I could be wrong.

-- 
John Kiolbasa
john@kiolbasa.net
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS).  Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:38:06 EDT