On Mon, 30 Nov 2009, Antoine Jacoutot wrote:
> Any procmail users around?
> I just use procmail in a minimal way, but I'm annoyed by the fact that
> it creates mailbox group writable under /var/mail/. I don't see a reason
> for it and it also makes the security script complain about the perms.
>
> Does anyone know of a reason why procmail would use a umask of 007?
> If not, could we consider the following:

"Insufficient details"

How are you invoking procmail? Via FEATURE(`local_procmail') or via a .forward file? Are the users involved just members of group wheel (the group of /var/mail), or is group wheel their primary group?

procmail's algorithm for deciding how to handle the user's mail spool is, well, too elaborate, in an attempt to use the same logic for all sorts of systems. Part of the logic is that if the spool dir is not world writable and the gid that procmail is running as is the same as the group of the spool dir, then it figures new mailboxes should be owned by that group and group writable.

(So that's another possible workaround: change the group of the spool to something that no one is a member of.)

Philip
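
An added example, not part of the thread and not procmail's code: a small audit that evaluates the one condition described in the reply above (spool dir not world writable, delivery gid equal to the spool dir's group) and lists mailboxes that are already group writable. It models only that stated condition, not procmail's full algorithm; the function names and the sample spool are constructed for illustration.

```python
import os
import stat
import tempfile

def group_writable_expected(spool_mode, spool_gid, proc_gid):
    """The condition as stated in the reply: spool dir not world writable
    AND the gid procmail runs as equals the spool dir's group."""
    return not (spool_mode & stat.S_IWOTH) and spool_gid == proc_gid

def audit_spool(spool_dir, proc_gid=None):
    """Report the spool's settings and any group-writable mailboxes in it."""
    st = os.stat(spool_dir)
    if proc_gid is None:
        proc_gid = os.getegid()  # assumption: run under the delivery gid
    findings = []
    for entry in sorted(os.scandir(spool_dir), key=lambda e: e.name):
        est = entry.stat(follow_symlinks=False)
        if stat.S_ISREG(est.st_mode) and est.st_mode & stat.S_IWGRP:
            findings.append((entry.name, stat.S_IMODE(est.st_mode)))
    return {
        "spool_mode": stat.S_IMODE(st.st_mode),
        "spool_gid": st.st_gid,
        "group_writable_expected": group_writable_expected(
            st.st_mode, st.st_gid, proc_gid),
        "findings": findings,
    }

def build_sample_spool():
    """Constructed sample: a 0775 spool with one 0660 and one 0600 mailbox."""
    spool = tempfile.mkdtemp(prefix="spool-")
    os.chmod(spool, 0o775)
    for name, mode in (("alice", 0o660), ("bob", 0o600)):
        path = os.path.join(spool, name)
        with open(path, "w"):
            pass
        os.chmod(path, mode)
    return spool

if __name__ == "__main__":
    report = audit_spool(build_sample_spool())
    print("spool mode %04o gid %d" % (report["spool_mode"], report["spool_gid"]))
    print("group-writable mailboxes expected:", report["group_writable_expected"])
    for name, mode in report["findings"]:
        print("group writable: %s (%04o)" % (name, mode))
```

Pointing `audit_spool` at the real spool directory and passing the gid that delivery runs under shows whether the condition holds there; a `proc_gid` that differs from the spool's group corresponds to the workaround mentioned at the end of the reply.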
