Peter Weilbacher wrote: > On Tue, 30 Jul 2002 17:05:10 +0200, Travis Crump wrote: > > >>The mail spool files themselves are still 0660 and owned by the >>user... > > > OK, so nobody can read mail of somebody else. But if the dir is world > writable everybody can still *delete* the mails of all other users...
pretzalz@Pretzalz:/var/mail$ ls pretzalz yoster pretzalz@Pretzalz:/var/mail$ rm yoster rm: remove write-protected file `yoster'? y rm: cannot unlink `yoster': Operation not permitted pretzalz@Pretzalz:/var/mail$ ls pretzalz yoster pretzalz@Pretzalz:/var/mail$ echo test > yoster bash: yoster: Permission denied pretzalz@Pretzalz:/var/mail$ ls -ld . drwxrwxrwt 2 root mail 4096 Jul 30 18:58 . I must be missing something here....
