On Fri, 9 Oct 2009, Michal Hlavinka wrote: > Hi all! > > I've got quite simple question from dovecot's upstream: Why do we have rw > access on mails for mail group? Why /var/mail/<username> files have 0660 > <username>:mail permissions instead of 0600 permissions? The fact is, I don't > know the answer and I'd appreciate your help. > > Some facts: > > distro | group | perm > ---------+-------+--------- > Fedora | mail | 0660 > Ubuntu | mail | 0600 > openSuSE | users | 0600 (user is member of users group) > debian 4.0 | mail | 0660 > > (Note: This is result of my own investigations on installed systems or > livecds, I don't know if any installed system had changed settings.) > > Interesting thing is, that when new user is added to the system, useradd > creates /var/mail/<username> file with <username>:mail 0660 permissions, but > when you delete this file and the user gets new email, this file will be > autocreated with 0600 permissions (still <username>:group owned) and it seems > everything still works. > > useradd command comes from shadow-utils and fedora contains no patch changing > permissions to 0660. > > The most important question is: Is there anything that requires these files can > be read and written by mail group? > > If you have any info regarding this, please share. > Just a guess, but if you run useradd from shell, your umask is likely 0002. Sendmail's umask is probably 022 as set in /etc/init.d/functions That might explain the difference, as to why it's done that way I don't know. -Mike -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
