[Mimedefang] MIMEdefang mimedefang.sock unsafe

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Sun Dec 28 13:03:42 EST 2003


Am So, den 28.12.2003 schrieb Network Guy um 18:06:
> I have rh9 with sendmail 8.12.10 like you.  I am NOT a programmer, so I 
> guessed.  Remove defang as the group owner, put it back to root.  Guess 
> that the programmer(s) are checking for ownership, not ownership AND 
> permissions?
> 
> worked for me.
> 
> tod

root as the owner of /var/spool/MIMEDefang and /var/spool/MD-Quarantine
is no good idea. How do you think the Mimedefang process as
unpriviledged user defang should then write to it?

$ ls -ld /var/spool/MIMEDefang/ /var/spool/MD-Quarantine/
drwx------  1234 defang   defang     413696 28. Dez 18:45
/var/spool/MD-Quarantine/
drwx------    2 defang   defang       4096 28. Dez 19:00
/var/spool/MIMEDefang/

This is what I have on RedHat 9 and on Fedora Core 1. Both are running
without any problem.

Alexander 


-- 
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20031228/9ec7fb57/attachment.sig>


More information about the MIMEDefang mailing list