does fedora have anything requiring :mail rw access?
Mike McGrath
mmcgrath at redhat.com
Fri Oct 9 14:36:34 UTC 2009
On Fri, 9 Oct 2009, Michal Hlavinka wrote:
> Hi all!
>
> I've got quite simple question from dovecot's upstream: Why do we have rw
> access on mails for mail group? Why /var/mail/<username> files have 0660
> <username>:mail permissions instead of 0600 permissions? The fact is, I don't
> know the answer and I'd appreciate your help.
>
> Some facts:
>
> distro | group | perm
> ---------+-------+---------
> Fedora | mail | 0660
> Ubuntu | mail | 0600
> openSuSE | users | 0600 (user is member of users group)
> debian 4.0 | mail | 0660
>
> (Note: This is result of my own investigations on installed systems or
> livecds, I don't know if any installed system had changed settings.)
>
> Interesting thing is, that when new user is added to the system, useradd
> creates /var/mail/<username> file with <username>:mail 0660 permissions, but
> when you delete this file and the user gets new email, this file will be
> autocreated with 0600 permissions (still <username>:group owned) and it seems
> everything still works.
>
> useradd command comes from shadow-utils and fedora contains no patch changing
> permissions to 0660.
>
> The most important question is: Is there anything that requires these files can
> be read and written by mail group?
>
> If you have any info regarding this, please share.
>
Just a guess, but if you run useradd from shell, your umask is likely
0002. Sendmail's umask is probably 022 as set in /etc/init.d/functions
That might explain the difference, as to why it's done that way I don't
know.
-Mike
More information about the fedora-devel-list
mailing list