[Mimedefang] Clamd permissions on Centos with mimedefang
Philip Prindeville
philipp_subx at redfish-solutions.com
Fri Jan 13 22:18:59 EST 2012
Found the root cause. It's here:
--- mimedefang-2.73-BETA-1/mimedefang.c.orig 2012-01-13 19:15:08.199493147 -0700
+++ mimedefang-2.73-BETA-1/mimedefang.c 2012-01-13 19:14:22.916219168 -0700
@@ -2685,7 +2685,7 @@ main(int argc, char **argv)
#ifdef MILTER_BUILDLIB_HAS_OPENSOCKET
umask(my_umask);
(void) smfi_opensocket(1);
- umask(077);
+ umask(027);
#else
/* Gah, we can't create the socket, so relax the umask from here on */
umask(my_umask);
the workdir, etc. are all being created without group read/execute permissions, even though mimedefang.pl tries to do so:
# Create a subdirectory for storing all the actual message data
my($msgdir) = "Work";
if (!mkdir($msgdir, 0750)) {
fatal("Cannot mkdir($msgdir): $!");
return -1;
}
the 0750 is being squashed with & ~077 to return 0700 as the real permissions...
-Philip
On 1/13/12 6:35 PM, Philip Prindeville wrote:
> I will note that if I lstat() the file, its parent, and its parent's parent and do the following:
>
> [...]
> it works fine... Where do the Work/, Work/mefang-xxx/ and Work/mdefang-xxx/yyy directories/files get created?
>
> I'll come up with a patch to create them with the correct modes...
>
> -Philip
More information about the MIMEDefang
mailing list