[Pkg-shadow-devel] Permissions of /var/mail/$USER

Steve Langasek vorlon at debian.org
Mon Oct 12 01:00:47 UTC 2009


On Sun, Oct 11, 2009 at 06:26:33PM -0400, Timo Sirainen wrote:
> On Oct 11, 2009, at 8:49 AM, Nicolas François wrote:

> >>>When a user is created, useradd creates a /var/mail/$USER mailbox with
> >>>the mode 0660 (owned by $USER:mail).
> >>>
> >>>I heard this causes some issues for dovecot, and a solution could be to
> >>>move to mode 0600.
> >IIRC, it was a problem for the support of shared mailboxes.
> >Index files are created whose permissions mimic the mailbox'
> >permissions.
> >The 'mail' group ownership would require dovecot to be in the mail
> >group.

> >I assume that this could be solved internally by dovecot, but it would be
> >easier (and safer) to move to a 0600 policy.

> Correct. There's no reason for mailboxes to be 0660 in most systems;
> they'll only make it easier to exploit some security hole to read
> everyone's mail. So although Dovecot could work around this issue,
> I've always just instructed people to do chmod 0600 /var/mail/* as a
> way to solve it.

However, Debian policy 11.6 specifies that:

     Mailboxes are generally either mode 600 and owned by <user> or mode
     660 and owned by `<user>:mail'[3].  The local system administrator may
     choose a different permission scheme; packages should not make
     assumptions about the permission and ownership of mailboxes unless
     required (such as when creating a new mailbox).  [...]

So if dovecot isn't coping properly with 0660 mailboxes, that's a policy
violation on the part of dovecot.

(I have no opinion on changing the default behavior of useradd, but this
should not be used to paper over a bug in dovecot.)

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek at ubuntu.com                                     vorlon at debian.org
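The policy text quoted above allows exactly two mailbox layouts, and the thread is about which of them useradd should create. The script below is an added example (not code from this thread, from shadow/useradd or from dovecot) that audits a mail spool against those two layouts and flags anything else, such as a 0660 mailbox in a group other than mail, a world-readable mailbox, or one owned by a different user. Function names are my own; `stat -c` assumes GNU coreutils, i.e. a Linux system.

```shell
#!/bin/sh
# Added example: audit a mail spool against Debian Policy 11.6, which allows
# a mailbox to be either mode 600 owned by <user> or mode 660 owned by
# <user>:mail. Helper names are assumptions; `stat -c` is GNU coreutils.

# mailbox_policy_ok USER MODE OWNER GROUP
# Exit 0 if MODE/OWNER/GROUP is one of the two policy-conforming layouts for
# USER's mailbox, 1 otherwise. MODE is octal as printed by `stat -c %a`
# (no leading zero, e.g. 600 or 660; a setgid 2660 box is rejected).
mailbox_policy_ok() {
    user=$1 mode=$2 owner=$3 group=$4
    [ "$owner" = "$user" ] || return 1
    case "$mode" in
        600) return 0 ;;
        660) [ "$group" = mail ] && return 0 ;;
    esac
    return 1
}

# check_mailbox PATH
# useradd names the mailbox after the login, so the expected owner is the
# file's basename. Prints a one-line verdict; exit status as mailbox_policy_ok.
check_mailbox() {
    path=$1
    user=${path##*/}
    info=$(stat -c '%a %U %G' "$path") || return 1
    set -- $info                      # $1=mode $2=owner $3=group
    if mailbox_policy_ok "$user" "$1" "$2" "$3"; then
        printf 'ok    %s (%s %s:%s)\n' "$path" "$1" "$2" "$3"
        return 0
    fi
    printf 'BAD   %s (%s %s:%s) expected 600 %s or 660 %s:mail\n' \
        "$path" "$1" "$2" "$3" "$user" "$user"
    return 1
}

# audit_spool [DIR]
# Check every regular file in DIR (default /var/mail); exit 1 if any
# mailbox is non-conforming, 0 if all pass.
audit_spool() {
    dir=${1:-/var/mail}
    status=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue       # skips the unexpanded glob on an empty dir
        check_mailbox "$f" || status=1
    done
    return $status
}

# Usage: sh audit_mail_spool.sh [/var/mail]
if [ $# -gt 0 ]; then
    audit_spool "$1"
fi
```

Run it as root so every mailbox is stat-able; a non-zero exit means at least one box is outside the two policy layouts, and the BAD lines tell you which chmod or chown would bring it back into line.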