[ale] Pine and the mail spool
Hat
hackrat at psiu.ml.org
Fri Oct 2 19:55:19 EDT 1998
On Fri, 2 Oct 1998, ari wrote:
> make pine setgid-mail
>
> chgrp mail pine (or chown root.mail pine)
> chmod 2755 pine (or 2711, doesn't matter)
That allows you to use pine to look at anyone's
e-mail! You put a symlink to anyone's inbox in your
~/mail directory, and list folders.
That doesn't make the message go away and it allows people
to use pine to do things they shouldn't be able to do.
Nor does is explain why the permissions below leave something
vunerable.......
> > I used to have it the permissions/ownerships
> >
> > drwxrwxr-x 2 root mail
> >
> > What is wrong with this and what makes this vunerable???
This is what I'm really wondering about!
-Hat
More information about the Ale
mailing list