===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/mail/v7.local.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -c -r1.8 -r1.9
*** src/usr.bin/mail/v7.local.c	1997/07/14 00:24:31	1.8
--- src/usr.bin/mail/v7.local.c	1997/07/30 06:32:41	1.9
***************
*** 1,4 ****
! /*	$OpenBSD: v7.local.c,v 1.8 1997/07/14 00:24:31 millert Exp $	*/
  /*	$NetBSD: v7.local.c,v 1.8 1997/05/13 06:15:58 mikel Exp $	*/
  
  /*
--- 1,4 ----
! /*	$OpenBSD: v7.local.c,v 1.9 1997/07/30 06:32:41 millert Exp $	*/
  /*	$NetBSD: v7.local.c,v 1.8 1997/05/13 06:15:58 mikel Exp $	*/
  
  /*
***************
*** 38,44 ****
  #if 0
  static char sccsid[] = "@(#)v7.local.c	8.1 (Berkeley) 6/6/93";
  #else
! static char rcsid[] = "$OpenBSD: v7.local.c,v 1.8 1997/07/14 00:24:31 millert Exp $";
  #endif
  #endif /* not lint */
  
--- 38,44 ----
  #if 0
  static char sccsid[] = "@(#)v7.local.c	8.1 (Berkeley) 6/6/93";
  #else
! static char rcsid[] = "$OpenBSD: v7.local.c,v 1.9 1997/07/30 06:32:41 millert Exp $";
  #endif
  #endif /* not lint */
  
***************
*** 65,77 ****
  	int buflen;
  {
  	char *mbox;
  
! 	if (!(mbox = getenv("MAIL")))
! 		(void)snprintf(buf, buflen, "%s/%s", _PATH_MAILDIR, user);
! 	else {
  		(void)strncpy(buf, mbox, buflen - 1);
  		buf[buflen - 1] = '\0';
! 	}
  }
  
  /*
--- 65,82 ----
  	int buflen;
  {
  	char *mbox;
+ 	struct stat sb;
  
! 	/* Ignore $MAIL if it is not owned by the invoking user */
! 	if ((mbox = getenv("MAIL")) && stat(mbox, &sb) == 0 &&
! 	    sb.st_uid != getuid() && sb.st_uid != geteuid())
! 		mbox = NULL;
! 
! 	if (mbox) {
  		(void)strncpy(buf, mbox, buflen - 1);
  		buf[buflen - 1] = '\0';
! 	} else
! 		(void)snprintf(buf, buflen, "%s/%s", _PATH_MAILDIR, user);
  }
  
  /*