Apur-ee.132 fa.unix-wizards utzoo!decvax!pur-ee!rick Wed Sep 9 19:12:35 1981 /usr/spool/mail The problem is that mail should not chown a file it didn't create. If the directory is writable, there are so many things you can do, there will always be a way around your fixes. The discussion seems to be centering on the suid bits of /usr/spool/mail/root. Various solutions have been offered including chmoding the file to mode 600 to get rid of the suid bits. If the site runs "at", you dont have to have the suid bit on in /u/sr/spool/mail. Just do an "at current-time+1" and enter the commands chown 0/0 /bin/sh;chmod 4755 /bin/sh to at. "at" will happily put the commands in /u/spool/at/something. You then link /usr/spool/mail/root to /usr/spool/at/whatever and mail root. Presto-- "at" thinks that root owns the command file and runs it and /bin/sh is suid root. One shouldn't try to cure the symptoms, but to eradicate the disease. ---rick (pur-ee!rick) ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.