On Tue, 16 Mar 1999, Dave Sill wrote:
> >> Brad Shelton <[EMAIL PROTECTED]> wrote:
> >> >
> >> >All you have to do is create it as root and make it readable by the mail
> >> >process for the user. They can read it, but they can't replace it.
> >>
> >> Not true. If the user can write the directory, they can replace it.
> >
> >They can _read_ it, but not write to it at all. :-) Maildir and other
> >files / directories must be made by root and chown'ed to the user.
>
> I didn't say "write", I said "replace". E.g.:
>
> Script started on Tue Mar 16 15:39:17 1999
> sh-2.00$ ls -la
> total 40
> drwxr-xr-x 2 de5 user 40 Mar 16 15:39 .
> drwxr-xr-x 54 de5 user 20480 Mar 16 15:37 ..
> -r--r--r-- 1 root sys 0 Mar 16 15:38 bar
> -rw-r--r-- 1 de5 user 0 Mar 16 15:39 typescript
> sh-2.00$ cat bar
> sh-2.00$ echo foo>bar
> sh: bar: Permission denied
> sh-2.00$ rm bar
> bar: 444 mode. Remove ? (yes/no)[no] : y
> sh-2.00$ ls -la
> total 40
> drwxr-xr-x 2 de5 user 28 Mar 16 15:39 .
> drwxr-xr-x 54 de5 user 20480 Mar 16 15:37 ..
> -rw-r--r-- 1 de5 user 0 Mar 16 15:39 typescript
> sh-2.00$ exit
>
> script done on Tue Mar 16 15:39:53 1999
I know my UNIX quite well, thank you. It's obvious that you can remove
directory entries owned by anyone, in a directory owned by you.
That has nothing to do with the suggestion though, that the
_home-directory_ of the user should be owned by root. Perhaps you thought
it was Maildir which should be owned by root?
> -Dave
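
The rule this thread turns on (replacing a directory entry depends on the permissions of the containing directory, not of the file) can be checked from stat data alone. The following is an added example, not part of the original messages; the uid/gid numbers and the names `can_replace_entry` and `audit` are constructed for illustration, and the sticky-bit case goes beyond what the thread discusses.

```python
import os
import stat
from types import SimpleNamespace

def _class_bits(st, uid, gids):
    """Return the rwx bits (0-7) that apply to uid: owner, else group, else other."""
    mode = stat.S_IMODE(st.st_mode)
    if uid == st.st_uid:
        return (mode >> 6) & 7
    if st.st_gid in gids:
        return (mode >> 3) & 7
    return mode & 7

def can_replace_entry(dir_st, file_st, uid, gids=()):
    """True if uid may unlink or rename over the entry described by file_st.

    The file's own mode is never consulted: only the directory's write and
    search bits and, in a sticky directory, who owns the file or directory.
    """
    if uid == 0:
        return True  # root bypasses mode checks (immutable flags, ro mounts ignored)
    if _class_bits(dir_st, uid, gids) & 0o3 != 0o3:  # need both w and x on the directory
        return False
    if dir_st.st_mode & stat.S_ISVTX:  # sticky: only file owner or directory owner
        return uid in (file_st.st_uid, dir_st.st_uid)
    return True

def audit(path, uid, gids=()):
    """Apply the same check to a real path, using stat of its parent directory."""
    parent = os.path.dirname(os.path.abspath(path))
    return can_replace_entry(os.stat(parent), os.lstat(path), uid, gids)

def fake(mode, uid, gid):
    """Build a constructed stat-like record for the sample cases below."""
    return SimpleNamespace(st_mode=mode, st_uid=uid, st_gid=gid)

# Constructed sample values modelled on the transcript (numeric ids are assumptions).
DE5, USER_GID, ROOT, SYS_GID = 1000, 100, 0, 3
BAR = fake(stat.S_IFREG | 0o444, ROOT, SYS_GID)            # -r--r--r-- root sys
USER_OWNED_DIR = fake(stat.S_IFDIR | 0o755, DE5, USER_GID)  # drwxr-xr-x de5 user
ROOT_OWNED_DIR = fake(stat.S_IFDIR | 0o755, ROOT, SYS_GID)  # same mode, owned by root
STICKY_DIR = fake(stat.S_IFDIR | 0o1777, ROOT, SYS_GID)     # /tmp-style directory

if __name__ == "__main__":
    for name, d in [("user-owned", USER_OWNED_DIR), ("root-owned", ROOT_OWNED_DIR),
                    ("sticky", STICKY_DIR)]:
        print(name, can_replace_entry(d, BAR, DE5, (USER_GID,)))
```
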