Re: dot-qmail security

[Joel Eriksson]

On Mon, 15 Mar 1999, Dave Sill wrote:

> Brad Shelton <[EMAIL PROTECTED]> wrote:
> >
> >All you have to do is create it as root and make it readable by the mail
> >process for the user. They can read it, but they can't replace it.
> 
> Not true. If the user can write the directory, they can replace it.

They can _read_ it, but not write to it at all. :-) Maildir and other
files / directories must be made by root and chown'ed to the user.

> -Dave

/ Joel Eriksson