Sendmail
Directory protection error messages appearing in sendmail log
- directory /var/spool/mail must have 1777 protection mean? How can I fix this?
In order to update a mailbox in the default UNIX format, it is necessary to create a lock file to prevent the mailer from delivering mail while an update is in progress. Some systems use a directory protection of 775, requiring that all mail handling programs be setgid mail; or of 755, requiring that all mail handling programs be setuid root.
The IMAP toolkit does not run with any special privileges, and we plan to keep it that way. It is antithetical to the concept of a toolkit if users can't write their own programs to use it. Also, we've had enough bad experiences with security bugs while running privileged; the IMAP and POP servers have to be root when not logged in, in order to be able to log themselves in. We don't want to go any deeper down that slippery slope.
Directory protection 1777 is secure enough on most well-managed systems. If you can't trust your users with a 1777 mail spool (petty harassment is about the limit of the abuse exposure), then you have much worse problems then that.
If you absolutely insist upon requiring privileges to create a lock file, external file locking can be done via a setgid mail program named /etc/mlock (this is defined by LOCKPGM in the c-client Makefile). If the toolkit is unable to create a .lock file in the directory by itself, it will try to call mlock to do it. We do not recommend doing this for performance reasons.
A sample mlock program is part of the imap-utils package:
We have tried to make this sample program reasonably secure, but it has not been thoroughly audited.
- Pierre Ficheux, Lectra Syst�mes
- pierre@rd.lectra.fr