<<< Date Index >>>     <<< Thread Index >>>

Re: [PATCH] Add $umask for mailboxes and attachments



On Tuesday, 20 March 2007 at 12:39, Vincent Lefevre wrote:
> On 2007-03-19 14:54:04 -0700, Brendan Cully wrote:
> > On Saturday, 17 March 2007 at 18:40, Thomas Roessler wrote:
> [...]
> > > - E-Mail systems are typically set up to create inboxes with rather
> > >   paranoid security settings (typically 0600); regardless of what
> > >   the user's umask is, e-mail privacy is protected by default.
> > 
> > This makes sense for /var/spool/mail, where the user has no control
> > over the permissions of the directory. It makes a little less sense
> > for mailboxes in or below $HOME. New mailboxes _in_ $HOME probably
> > need this. I don't really see why mailboxes in subfolders would.
> 
> Making a difference is unintuitive and dangerous, in particular
> because files may still be moved from a private directory to a
> public one, and the file permissions won't change automatically.
> I think that all mailboxes should be private by default, unless
> there are cases where this is a problem and a special variable
> could be needed.

I was not proposing that mutt should examine the path of the
destination mailbox, just noting that defaults that make sense for
/var/spool are less necessary in locations controlled by the user. 

Attachment: pgpO7qx5DkAcg.pgp
Description: PGP signature