On Sat, 24 Apr 1999, Philip Guenther wrote:
and we must ensure fast recovery once we find our newly installed procmail
configuration problem.
That makes sense. Alternatively, you could just do a "chmod g+w" if
you do change back.
What I am afraid of is that once I change to procmail and some mailboxes
are created with the ownership <user,user>, and then I change back to mail.local,
I have to "chgrp mail /var/mail/*" to change all the mailboxes to conform
with mail.local. It takes some time, I think.
I just checked the source and as long as the spool directory is not
owned by the user that procmail runs as, doing the "chmod g+s" will
solve both of your problems: procmail will set the spool file to mode
660, group mail.
Thanks for your suggestion. As I am quite greedy :P, as I previously asked,
will g+s have any security impact if a mail client program malfunctions and
makes any bad attempt on our mailspool?
I would strongly suggest using a user besides 'nobody' -- user 'nobody'
is special to NFS and should not own _anything_. I would suggest
creating a user 'mspool', or something like that, with a uid that's
different from that of every other account and make the mail spool be
the _only_ thing that user owns.
Thanks again.
Yiu
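
The layout discussed in this thread (setgid spool directory, mailboxes at mode 660 in the directory's group, nothing owned by 'nobody') can be checked with a short audit. This is an added example, not part of the original messages or of procmail; the function name `audit_spool` and its optional second argument are hypothetical, and it assumes GNU coreutils `stat`.

```shell
# Added example (not from the thread). Assumes GNU coreutils stat(1).
# audit_spool DIR [FORBIDDEN_OWNER] -> returns 0 if clean, 1 on findings,
# 2 if DIR is not a directory. FORBIDDEN_OWNER defaults to 'nobody'.
audit_spool() {
    spool=$1
    bad_owner=${2:-nobody}
    rc=0
    [ -d "$spool" ] || { echo "not a directory: $spool"; return 2; }

    # The thread's fix depends on the spool directory being setgid.
    if [ ! -g "$spool" ]; then
        echo "FINDING: $spool is not setgid (chmod g+s)"; rc=1
    fi
    if [ "$(stat -c %U "$spool")" = "$bad_owner" ]; then
        echo "FINDING: $spool is owned by $bad_owner"; rc=1
    fi
    dgid=$(stat -c %g "$spool")

    for f in "$spool"/*; do
        [ -f "$f" ] || continue
        mode=$(stat -c %a "$f")
        # Mailboxes are expected at mode 660 in the spool directory's group.
        if [ "$mode" != 660 ]; then
            echo "FINDING: $f has mode $mode, expected 660"; rc=1
        fi
        if [ "$(stat -c %g "$f")" != "$dgid" ]; then
            echo "FINDING: $f group differs from spool directory group"; rc=1
        fi
        if [ "$(stat -c %U "$f")" = "$bad_owner" ]; then
            echo "FINDING: $f is owned by $bad_owner"; rc=1
        fi
    done
    return $rc
}

# Constructed demo spool in a temporary directory: 'bob' is reported.
demo=$(mktemp -d)
chmod g+s "$demo"
touch "$demo/alice"; chmod 660 "$demo/alice"
touch "$demo/bob";   chmod 600 "$demo/bob"
audit_spool "$demo" || true
rm -rf "$demo"
```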