Re: newalias permissions problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Sa, den 25.06.2005 schrieb Matthew Saltzman um 16:07:

> In my freshly installed FC4,
> 
>  	$ ls -l /etc/aliases*
>  	-rw-r--r--  1 root root   1512 Apr 25 12:48 /etc/aliases
>  	-rw-r-----  1 root smmsp 12288 Jun 24 20:27 /etc/aliases.db
> 
> so the fix for the original problem would just be
> 
>  	chown root /etc/aliases.db
> 
> The rest of the permissions were fine.

>  		Matthew Saltzman

The group ownership by smmsp of the aliases.db isn't correct, following
the Sendmail documentation. Please see "FILE AND MAP PERMISSIONS" at top
of /usr/share/doc/sendmail/README.

"If the permissions 0640 are used, be sure that only trusted users
belong
to the group assigned to those files.  Otherwise, files should not even
be group readable."

I even don't see a need for the MSP user to be able to read the
aliases.db.

And "smmsp" is not a trusted user - and never should be one! In the past
it has been one by the default Sendmail configuration, but that has been
corrected by the maintainer after I informed him about this severe setup
fault.

As a reference to former discussion:

https://www.redhat.com/archives/fedora-list/2004-January/msg06394.html

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp 
Serendipity 16:40:39 up 4 days, 54 users, load average: 0.14, 0.19, 0.15

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux