*** pop_dropcopy.c	Sat Jun  8 14:44:01 1996
--- pop_dropcopy.c	Sat Jun  8 14:50:46 1996
***************
*** 755,760 ****
--- 755,761 ----
                                                          the SERVER maildrop */
      FILE		    *tf;		    /*  The temp file */
      int			    tfn;		    
+     char		    template[POP_TMPSIZE];  /*  Temp name holder */
      char                    buffer[MAXLINELEN];     /*  Read buffer */
      long                    offset;                 /*  Old/New boundary */
      int                     nchar;                  /*  Bytes written/read */
***************
*** 788,793 ****
--- 789,805 ----
      }
  #endif
  
+     /* First create a unique file.  Would prefer mkstemp, but Ultrix...*/
+     strcpy(template,POP_TMPDROP);
+     if (((tfn=mkstemp(template)) == -1) ||
+ 	((tf=fdopen(tfn, "w+")) == NULL)) {	/* failure, bail out	*/
+         pop_log(p,POP_PRIORITY,
+             "Unable to create temporary temporary maildrop '%s': %s",template,
+                 (errno < sys_nerr) ? sys_errlist[errno] : "") ;
+         return pop_msg(p,POP_FAILURE,
+ 		"System error, can't create temporary file.");
+     }
+ 
      /* Here we work to make sure the user doesn't cause us to remove or
       * write over existing files by limiting how much work we do while
       * running as root.
***************
*** 801,806 ****
--- 813,831 ----
  	pwp->pw_gid = mybuf.st_gid;
  # endif
  #endif
+ 
+     /* Now give this file to the user	*/
+     (void) chown(template, (UID_T)pwp->pw_uid, (GID_T)pwp->pw_gid);
+     /* (void) chmod(template,0600); umask now handles this */
+ 
+     /* Now link this file to the temporary maildrop.  If this fails it
+      * is probably because the temporary maildrop already exists.  If so,
+      * this is ok.  We can just go on our way, because by the time we try
+      * to write into the file we will be running as the user.
+      */
+     (void) link(template,p->temp_drop);
+     (void) fclose(tf);
+     (void) unlink(template);
  
      /* Now we run as the user. */
      (void) setgid((GID_T)pwp->pw_gid);
*** popauth.c	Sun Jun  9 12:56:38 1996
--- popauth.c	Sun Jun  9 13:00:51 1996
***************
*** 36,43 ****
  #include <sys/file.h>
  #endif
  
! #ifdef BSDI
! #define BSD44_DBM
  #endif
  
  #ifdef NEED_STRERROR
--- 36,51 ----
  #include <sys/file.h>
  #endif
  
! #ifdef		HAVE_PARAM_H
! #include <sys/param.h>
! # if (defined(BSD) && (BSD >= 199103))
! #  define	HAVE_UNISTD_H
! #  define	HAVE_VSPRINTF
! #  define	BIND43
! # endif
! # if (defined(BSD) && (BSD >= 199306))
! #  define	BSD44_DBM
! # endif
  #endif
  
  #ifdef NEED_STRERROR