Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!harpo!utah-cs!utah-gr!thomas
From: thomas@utah-gr.UUCP (Spencer W. Thomas)
Newsgroups: net.unix-wizards
Subject: Re: /usr/spool/mail: 0777 or 0755?
Message-ID: <1085@utah-gr.UUCP>
Date: Mon, 20-Feb-84 17:29:01 EST
Article-I.D.: utah-gr.1085
Posted: Mon Feb 20 17:29:01 1984
Date-Received: Tue, 21-Feb-84 08:04:27 EST
References: rlgvax.1716
Lines: 12

The current mailbox locking scheme S**KS for exactly the reason
mentioned by rlgvax!guy -- you can't lock mailboxes when /usr/spool/mail
is not writable.  Leaving /usr/spool/mail writable is a BIG BIG BIG BIG
security hole (write for details, using root login).  We changed mail to
lock on /tmp.  This isn't so good, but it is better.  Seems to me that
on 4.2, which supports advisory file locking, that the file locking
should be used.

Once you've moved the locks off of /usr/spool/mail, then you can go
ahead and change the mode to 755.

=S