Why would the sticky bit NOT be set on /var/spool/mail ???

Joe(theWordy)Philbrook jtwdyp at ttlc.net
Sun Jan 15 22:58:49 UTC 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


I started with kubuntu 5.10, did apt-get install mail. Which also got
me postfix. And a configuration "wizard?" which helped me set up for
local mail... (I use pine to access my ISP provided mail boxes/servers
directly. and "mail" to send local messages...)

I did nothing to change anything about my local inbox folder accept 
mailing myself a couple of test messages... However I've noticed that
when I start pine it puts the following warning on it's status line for
a few seconds. 

[Folder vulnerable - directory /var/spool/mail must have 1777 protection]

I wasn't sure what it was talking about, but on a guess perhaps octal mode
values for chmod... 

a quick look at the man page for chmod indicated that a 1 in the
leftmost position of the 4 octal digits was the "sticky bit" and that on
world writable directories, it was used to prevent others besides the
owner of a file and/or root from doing nasty things like deleting or
renaming the file... Hmmmnnn Better have a look see.

Extracted from "ls -l /var/spool" :

lrwxrwxrwx   1 root   root       7 Dec 12 06:47 mail -> ../mail

Ok so it's a link to /var/mail...

Extracted from "ls -l /var" :

drwxrwsr-x   2 root mail  4096 Jan  5 22:57 mail

Since I'm not so good at interpreting the finer points of the symbolic
representation of permissions I checked via mc and sure enough it didn't
have the sticky bit set... 

Since my linux box is really a PC with no remote access, it probably
didn't matter, but on general principles I set it...

New extract from "ls -l /var" :

drwxrwsr-t   2 root mail  4096 Jan  5 22:57 mail


My question is why wouldn't this sticky bit have been set by default on
kubuntu????

   #############################################################
   ##_if_you'd_prefer_an_clearsigned_".asc"_text_file_of_this_##
   ##message_as_an_mime_encoded_attachment,just_ask_me_while__##
   ##it's_STILL_IN_my_outbox_folder_._._._=+=+=+=+=+=+=+=+;-)_##
   #gpg sig for: Joe (theWordy) Philbrook DSA key ID 0x6C2163DE#
   # You can find my public gpg key at http://pgpkeys.mit.edu/ #
   #############################################################
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDytNBRZ/61mwhY94RAnMTAJ41kW4/g/GTAisduS8PE/sKv7VpqQCgyVXq
q3ub9RBxg/EjH6e40zpC0Rc=
=20v8
-----END PGP SIGNATURE-----
-- 
|      ?           ?		
|			
|        -=-   -=-	 I'm NOT clueless...    	
|        <?>   <?>    	But I just don't know.  	
|            ^          Joe (theWordy) Philbrook           
|           ---  	     J(tWdy)P
|			  <jtwdyp at ttlc.net> 
|      ?           ?

More information about the kubuntu-users mailing list