10 Mar
2008
10 Mar
'08
11:05 a.m.
Timo Sirainen a écrit :
How about just setting /var/mail 01777?
I believe this allows any user to create /var/mail/anotheruser if it does not exist yet. We have several hundred accounts and new ones regularly created, so this is a risk (that could perhaps be mitigated by creating the inbox at the same time as the account ?). Also the Debian policy specifies that /var/mail be 2775, not that it is sacred to me, but since there are other Debian-packaged MDAs/MUAs on the system I'm a bit wary about changing that.
A possibly simple solution (and wishlist item) would be that deliver use an external dotlocking program if needed (dotlockfile, mlock...).