Yiu Kin Ho <khyiu(_at_)glink(_dot_)net(_dot_)hk> writes:
I am using solaris2.6 and sendmail8.9.1 combined with procmail as MUA.
I have followed the way that mailing list described before to create
mailboxes in ownership <username,mail> permission 660.
...
It works. But "chmod o-w /var/mail" will not allow those users using pine
or elm to create mail lock file in /var/mail. Maillock is important for
us. I also don't want to chmod g+s all the mail programs I am running.
I know I can "chmod g+s /var/mail" instead of "chmod o-w /var/mail". I am
not sure what impact of this setting will be on security. Anyone suggest?
Moreover, how can I hack the src or config.h in order to do "660" and
<user,mail> ownership of the mailbox without changing /var/mail directory?
(I can change to 660 of the mailbox from config.h file but still ownership
cannot be changed)
Let's back up a little. _Why_ do you want the mailboxes to be mode 660?
Philip Guenther