[prev in list] [next in list] [prev in thread] [next in thread]
List: amavis-user
Subject: Re: Temp files cleanup?
From: Noel Jones <njones () megan ! vbhcs ! org>
Date: 2012-11-26 1:39:07
Message-ID: 50B2C83B.5080401 () megan ! vbhcs ! org
[Download RAW message or body]
On 11/25/2012 3:09 PM, Glenn Park wrote:
> On Sun, Nov 25, 2012 at 12:54 PM, Noel Jones <njones@megan.vbhcs.org> wrote:
>> On 11/25/2012 12:44 PM, Glenn Park wrote:
>>>
>>> 1) The directories inside $TEMPBASE/tmp are created with amavis:amavis
>>> rwxr-x--- permissions so they are not world readable, even when the
>>> $TEMPBASE/tmp directory is. Is there a problem with that? For
>>> example:
>>>
>>> drwxrwxrwt 10 root root 200 Nov 24 18:11 ./
>>> drwxr-xr-x 23 root root 800 Nov 24 18:03 ../
>>> drwxr-x--- 3 amavis amavis 80 Nov 24 18:00 amavis-20121124T180038-01142/
>>> drwxr-x--- 3 amavis amavis 80 Nov 24 18:10 amavis-20121124T181021-01143/
>>
>> The $TEMPBASE/tmp directory should also be drwxr-x--- amavis:amavis.
>
> Why? Just on principal? Nothing seems to break like this & the
> content is not readable by other users, why do you say this?
>
Because I don't want to waste my time doing a full analysis when I
know it's secure with a private $TEMPBASE/tmp. It's probably Ok,
for some value of probably.
Why would you want to use a probably secure configuration instead of
one known secure?
Good luck. Over and out.
-- Noel Jones
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic