Because MH uses the UNIX filesystem (directories and files) to store its messages, UNIX filesystem security affects it. If no other users need to access your MH messages, you can set any level of protection on your home directory and MH directory, anywhere from completely accessible for all users to totally shut off from all users. If other users are sharing your messages, though, you should be sure that they have enough access but not too much. Because MH messages are usually stored under your home directory, giving other users access to some or all of your MH mail means that they could have access to your other files, too. With the information in the Chapter Key Parts of the UNIX Filesystem, and good knowledge of the UNIX filesystem, you can figure out how to set access permissions yourself.
NOTE: xmh is designed more for single users than for sharing other users' mail. The Section MH Directory Path has some of the gory details.
To help you share mail (just reading, or both reading and writing), your system administrator can create UNIX groups: lists of users who are allowed to share files with each other.
CAUTION: If you're really concerned about security and you're not experienced with UNIX filesystem security, ask an expert (like your system administrator) for help.
Here's an example to get you started. If all the members of a UNIX group want to share their mail with each other (reading each others' messages but not being able to modify any):
Folder-protect: 750 Msg-protect: 640
% cd Mail % find . -type f -exec chmod 640 {} \; -o -exec chmod 750 {} \;If a user has thousands of messages and your system is slow, the following shell loop will probably be more efficient. (The Section Sorting Messages: sortm has another shell loop example with an explanation of the loops.) Be sure to use backquotes (`), not single quotes ('):
C shell:
% foreach f (`folders -f -r`) ? echo fixing +$f ? set fp="`mhpath +$f`" ? chmod 750 $fp ? cd $fp && chmod 640 * ? end fixing +apple ... fixing +zoo/zebra %
Bourne and Korn shells:
$ for f in `folders -f -r` > do echo fixing +$f > fp="`mhpath +$f`" > chmod 750 $fp > cd $fp && chmod 640 * > done fixing +apple ... fixing +zoo/zebra $(Careful readers will notice that, in every folder, the loop sets the mode of all messages and any subfolder directories to 640. A subfolder with mode 640 can't be accessed. But, because folders -r always gives the name of a folder before any of its subfolders, the subfolder permission will be set correctly in the next pass of the loop.)
% chmod 700 `mhpath +job_hunting` `mhpath +hate_mail`
Here are three other ways to set protection. Use the examples above, but change the permission modes from 750 and 640, respectively, as shown below:
[Table of Contents] [Index] [Previous: Changing MH Directory Name] [Next: Defining Alternate Mailboxes]
This file is from the third edition of the book MH & xmh: Email for Users & Programmers, ISBN 1-56592-093-7, by Jerry Peek. Copyright © 1991, 1992, 1995 by O'Reilly & Associates, Inc. This file is freely-available; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation. For more information, see the file copying.htm.
Suggestions are welcome: Jerry Peek <jpeek@jpeek.com>