* Craig R. Skinner <[email protected]> [2013-12-19 10:18]: > On 2013-12-18 Wed 20:48 PM |, J??r??mie Courr??ges-Anglas wrote: > > [email protected] (Craig R. Skinner) writes: > > > On 2013-12-18 Wed 15:54 PM |, Stuart Henderson wrote: > > >> > > > > Check the security of /var/mail/dirs similar to /var/mail/boxes: > > >> > > > > >> > > >> Indeed, but security(8) really reflects things in the base OS, > > >> > > > > > > smtpd.conf(8) > > > deliver to maildir path > > > Mail is added to a maildir. Its location, path, may > > > contain format specifiers that are expanded before use > > > > > > > > > Therefore: ... deliver to maildir /var/mail/%{user.username} > > "Therefore"? How so? What's the logic, here? > THEREFORE software in base can deliver to maildir in /var/mail
THEREFORE software in base can also deliver mail to /omgohmymail/pr0n/$uid - does that mean we check it in security? The question is rather wether Maildirs in /var/mail are a common enough setup to warrant a check in security. -- Henning Brauer, [email protected], [email protected] BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
