On Fri, 2004-07-09 at 17:20, Frédéric Sapin wrote:
I'm using Linux Fedora Core 2. The permissions are: drwxrwxrwt 2 root mail 32 2004-06-16 04:45 /var/spool/mail/
These permissions are made by the command chmod a+rwxt /var/spool/mail.
So if someone wants to erase the /var/spool/mail directory, it's possible unfortunately.
And deleting other people's mail isn't actually possible then. That's why there's the +t sticky bit. It's the same as in the /tmp directory. Users can only create files and delete their own files, but can't delete files created by others.
OK, it's working with permissions: rwxrwxr-T root mail /var/spool/mail
So like that I think it's enough security. I don't understand the line: mail_extra_groups = mail. If I remove mail, is it working?
Thanks
Frederic
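
The two modes quoted in this thread (drwxrwxrwt and rwxrwxr-T), decoded in an added example that is not part of the original messages. The function names and verdict labels are hypothetical; the script classifies what users outside the owner and group can do in a directory, based on the mode string that ls -ld prints.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and verdict labels
# are hypothetical.

# Print the 10-character type+mode field that `ls -ld` shows for a path.
mode_string() {
    ls -ld -- "$1" | cut -c1-10
}

# Classify a mode string by what users outside owner and group ("other")
# can do inside the directory. Creating or deleting an entry needs both
# write and search (x) permission on the directory itself.
audit_spool_mode() {
    mode=$1
    other_w=$(printf '%s' "$mode" | cut -c9)    # other: write bit
    last=$(printf '%s' "$mode" | cut -c10)      # other: x / sticky slot
    case $last in
        t) sticky=yes; other_x=yes ;;   # sticky bit set, other has x
        T) sticky=yes; other_x=no ;;    # sticky bit set, other lacks x
        x) sticky=no;  other_x=yes ;;
        *) sticky=no;  other_x=no ;;
    esac
    if [ "$other_w" = w ] && [ "$other_x" = yes ]; then
        if [ "$sticky" = yes ]; then
            echo "sticky-shared"      # anyone creates; delete own files only
        else
            echo "world-deletable"    # anyone can delete anyone's files
        fi
    else
        echo "closed-to-others"       # others cannot create or delete here
    fi
}

# Audit a real directory when a path is given on the command line.
if [ $# -gt 0 ]; then
    audit_spool_mode "$(mode_string "$1")"
fi
```

With the second mode from the thread, creating or deleting files in the directory depends on being the owner or a member of the directory's group (mail in the listing above).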