[prev in list] [next in list] [prev in thread] [next in thread]
List: c-client
Subject: Re: imapd /var/mail permission question
From: Sebastian Hagedorn <Hagedorn () spinfo ! uni-koeln ! de>
Date: 2004-03-08 13:52:11
Message-ID: 2147483647.1078757531 () tyrion ! rrz ! uni-koeln ! de
[Download RAW message or body]
--On Montag, 8. März 2004 8:21 Uhr -0500 Michael Cashwell
<mboards@prograde.net> wrote:
> The message is:
>
> 2004-03-08 07:29:12.094 Mail[435] Unhandled response to command CLOSE: *
> NO Mailbox vulnerable - directory /var/mail must have 1777 protection
>
> /var/mail had these permissions at the time:
> drwxrwxr-t 7 root mail 238 8 Mar 07:25 mail
>
> I changed them to:
> drwxrwxrwt 7 root mail 238 8 Mar 07:25 mail
>
> and that did silence the complaint, but in what way is having _more_
> restrictive permissions a vulnerability?
The vulnerability is that a lockfile can't be created, so that another
process might munge the mailbox.
Here's the FAQ entry discussing this:
<http://www.washington.edu/imap/IMAP-FAQs/index.html#7.10>
--
Sebastian Hagedorn PGP key ID: 0x4D105B45
http://www.spinfo.uni-koeln.de/~hgd/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic