Buggy Mail Reader

There is a buggy mail reader at /homes/ACMClass/acm50/badmail on
machines compute01.cs.columbia.edu, compute02.cs.columbia.edu, ...
compute08.cs.columbia.edu.  Your job is to trick the mailer into disclosing
things it shouldn't.  Yes, the mailer deliberately has security holes in it...

If you simply invoke the mailer with no operands, it lists the
folders in the mailbox:

	$ /homes/ACMClass/acm50/badmail
	ssol
	courseworks
	inbox

Please do this part *immediately*, to verify that I've set up your
mailbox and the program correctly.

If you invoke it with an operand of "+foldername", it lists the messages
in that folder and their sizes:

	$ /homes/ACMClass/acm50/badmail +inbox
	folder: inbox    msgs: 0
	1: 41 bytes

If you give message numbers:

	$ /homes/ACMClass/acm50/badmail +inbox 1

it displays those messages -- but I haven't shown that...

The goals of the attack are the following:

1)	Figure out where and how mailboxes and folders are stored.  Be
	specific.

2)	Show the names of the folders in the two TAs' mailboxes.  Their
	logins are malek and zhao.

3)	There is exactly one message in my mailbox.  What does it say?

You must explain how you analyzed the program and what commands you
used.  If you write any code -- and you may not need to -- include it.
If you do write code, any language is acceptable.  (You may find that
the 'script' command is useful.)