Operating System - HP-UX

deleting /var/mail/<user> as non-superuser

 
Usman Chaudhary
New Member


Ok, I'm going crazy here.

As a regular user, when I get mail a new file is created in /var/mail/ - I supposedly own this file. If I use Elm to delete all my messages, the file disappears.

But I CANNOT -directly- delete the file:

> (phil) /var/mail> rm phil
> rm: phil not removed. Permission denied

Apparently, only root can "rm" this file.

Can somebody tell how I can delete this file???? (Why can Elm do it but I can't?)

Thank you!!!!!!



10 REPLIES
Sridhar Bhaskarla
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Hi Usman,

Look at the permissions of the directory /var/mail. You need to have a write permission on it to delete your file.

Also look at the man page of rm.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Craig Rants
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Instead of removing your file, why don't you clear it out?

cat /dev/null > /var/mail/phil

This of course is not the "proper" way to do this, but you won't screw anything up this way.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is." Jan L.A. van de Snepscheut
Sridhar Bhaskarla
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Hi Usman,

Look at the permissions of the directory /var/mail. You need to have a write permission on it to delete your file.

Also look at the man page of rm. For elm, it has the effective group id set to mail that owns the /var/mail directory. So, you can delete your mailbox using elm.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Jeff Machols
Esteemed Contributor

Re: deleting /var/mail/<user> as non-superuser

In order to have permission to delete a file, you have to have write permission on the directory (/var/mail), which normal users don't. The only thing write perms on a file do is give you permission to write to it, NOT delete it. What you can do though is

# cp /dev/null /var/mail/username

This is just as good as removing the file.
Darrell Allen
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Hi,

The elm executable is group mail and has the setgid bit on:
-r-xr-sr-x 1 bin mail 487424 Mar 14 2001 /bin/elm

/var/mail has rwx for group mail but r-x for others. So when you run elm, the setgid bit gives you the permissions for group mail which can delete files in /var/mail.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
Mark Fenton
Esteemed Contributor

Re: deleting /var/mail/<user> as non-superuser

I suppose I don't understand the necessity -- who can view it besides you and the root user?

Helen French
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Hi,

Another example is the 'passwd' command. It actually writes the /etc/passwd file. But if you are trying to write/remove that file (as a normal user), it won't let you do that.

This is just what your 'elm' command does. However, if you have write permission to the specific file/directory, you will be able to remove any file.

HTH,
Shiju
Life is a promise, fulfill it!
Sridhar Bhaskarla
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Mark,

It's not necessity but required. The only way to let the user delete his/her file "manually" is by giving him/her write access to the directory. However giving this access will also let him/her delete other mail folders. And the way to control is using the sticky bit on the directory.

So, this is the reason why mail only has write permissions to the directory while the individual users have permissions on their mailboxes.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Darrell Allen
Honored Contributor

Re: deleting /var/mail/<user> as non-superuser

Okay, I re-read the question(s). Most of us addressed the second part of the question (why a normal user can't delete his mail file).

Craig comes closest to answering the first part: how a normal user can delete his mail file. He can't BUT he can zap it with Craig's suggestion (or simply use ">/var/mail/phil").

Sri, you are correct in why mail needs to be done this way (no write access for normal users on /var/mail) so that users can't delete other users' mail.

For clarification, I interpret Mark's question as "why would a normal user need (or want) to delete his mail file". Perhaps it is getting rather large and the user simply doesn't want to read it. Mark is correct that only the user and root can read the normal user's mail (providing normal permissions are in place) so one doesn't have to be concerned with someone else reading it.

Maybe it doesn't matter but I think users should read their mail (or at least the subject line) before arbitrarily zapping it.

Darrell (who was sticking my nose into what I perceived to be a misunderstanding) :-)




"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
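
The permission logic discussed in this thread, as an added example that is not part of any post above: a small shell model of the check the kernel applies when a non-root user removes a directory entry, covering the directory write bit, the setgid-mail case and the sticky bit. The function names, the users phil and bob, the group users and the directory owner bits are constructed for illustration.

```shell
#!/bin/sh
# Added example: model of the unlink permission decision discussed in this thread.
# All users, groups and modes below are constructed sample values.

# in_list WORD LIST... -> success if WORD is one of LIST
in_list() {
    needle=$1; shift
    for item in "$@"; do
        [ "$item" = "$needle" ] && return 0
    done
    return 1
}

# can_unlink DIR_MODE DIR_OWNER DIR_GROUP FILE_OWNER USER GROUP...
# DIR_MODE is octal (775, 1777); GROUP... is the caller's effective group set.
# Prints "yes" or "no". Root is not modelled.
can_unlink() {
    mode=$((0$1)); dir_owner=$2; dir_group=$3; file_owner=$4; user=$5
    shift 5
    # Exactly one permission class applies: owner, else group, else other.
    if [ "$user" = "$dir_owner" ]; then
        bits=$(( (mode >> 6) & 7 ))
    elif in_list "$dir_group" "$@"; then
        bits=$(( (mode >> 3) & 7 ))
    else
        bits=$(( mode & 7 ))
    fi
    # Removing an entry needs write (2) and search (1) on the directory;
    # the permissions and ownership of the file itself are not consulted here.
    if [ $(( bits & 3 )) -ne 3 ]; then echo no; return; fi
    # Sticky bit (01000): only the file's owner or the directory's owner may remove.
    if [ $(( mode & 01000 )) -ne 0 ] && [ "$user" != "$file_owner" ] \
        && [ "$user" != "$dir_owner" ]; then
        echo no; return
    fi
    echo yes
}

# /var/mail as described above: rwx for group mail, r-x for others
# (directory owner "bin" and owner bits rwx are assumptions).
can_unlink 775 bin mail phil phil users        # no:  plain shell, "other" class
can_unlink 775 bin mail phil phil users mail   # yes: inside setgid-mail elm
can_unlink 777 bin mail bob phil users         # yes: world-writable, no sticky bit
can_unlink 1777 bin mail bob phil users        # no:  sticky bit protects bob's mailbox
can_unlink 1777 bin mail phil phil users       # yes: own mailbox under sticky bit
```

Truncating the mailbox (`cat /dev/null > /var/mail/phil`) is a separate check: it needs write permission on the file only, which is why it works where `rm` does not.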