Re: [PATCH] Add $umask for mailboxes and attachments
On 2007-03-19 14:54:04 -0700, Brendan Cully wrote:
> On Saturday, 17 March 2007 at 18:40, Thomas Roessler wrote:
[...]
> > - E-Mail systems are typically set up to create inboxes with rather
> > paranoid security settings (typically 0600); regardless of what
> > the user's umask is, e-mail privacy is protected by default.
>
> This makes sense for /var/spool/mail, where the user has no control
> over the permissions of the directory. It makes a little less sense
> for mailboxes in or below $HOME. New mailboxes _in_ $HOME probably
> need this. I don't really see why mailboxes in subfolders would.
Making a difference is unintuitive and dangerous, in particular
because files may still be moved from a private directory to a
public one, and the file permissions won't change automatically.
I think that all mailboxes should be private by default, unless
there are cases where this is a problem and a special variable
could be needed.
--
Vincent Lefèvre <vincent@xxxxxxxxxx> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)