Re: IMAP Permissions Problem
On Fri, Oct 10, 2003 at 05:16:34PM -0700, Nathan Saper wrote:
> On Fri, Oct 10, 2003 at 08:10:09PM -0400, Brendan Cully (brendan@xxxxxxxxxx)
> wrote:
> > But I believe the warning should be taken seriously. I am assuming you
> > are using UW-IMAP and that server can't properly lock the inbox. Under
> > the wrong circumstances you could suffer lost mail or a corrupted
> > mailbox. You should try to have the problem fixed.
> I've talked to the tech support people at my IMAP provider, and they're
> convinced that 1777 is a security risk. I don't know what permissions they
> have set now; they won't tell me. It appears I'll just have to live with it
> for now.
The sticky bit makes it much less of a security risk, since users can't
clobber each other's files.
If they don't want to do that, the other common solution is to make the
directory owned by group "mail" and make imapd, Pine, and other programs
that need to lock stuff in the mail spool directory setgid "mail".
Alternately, use procmail to deliver mail to ~/mbox, which imapd should
be able to lock with no problems, and UW IMAPD will look for / read if
it exists.
--
"Since when is skepticism un-American?
Dissent's not treason but they talk like it's the same..."
(Sleater-Kinney - "Combat Rock")