On Mon, Jul 13, 1998 at 06:01:31PM +0200, Santiago Vila wrote: > > On Mon, 13 Jul 1998, Herbert Xu wrote: > > > Package: procmail > > Version: 3.10.7-6 > > > > It seems that procmail is creating mailboxes with mode 660 (the MTA is > > sendmail) and this is quite insecure as security holes in MUA's could lead > > to private emails being accessed by unauthorised individuals. The correct > > mode is of course 600. > > I don't know what you mean with "of course" but policy says: > > 4.5 Mail transport agents > > [...] > > Mailboxes are generally 660 user.mail unless the user has chosen > otherwise.
OK, can someone provide that rationale for this please? It seems completely broken to me. -- Debian GNU/Linux 2.0beta is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
