Solved

More RH6.2 wierdness.

Posted on 2000-05-17
9
187 Views
Last Modified: 2013-12-15
May 17 21:19:59 gatekeeper ipop3d[5222]: Mailbox vulnerable - directory /var/spool/mail must have 1777 protection

Resetting the perms to 1777 works, but after a random time, this error is back. With no clue in the logs as to what has changed :-/
0
Comment
Question by:j2
  • 5
  • 4
9 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2819965
When the warning shows up again, what are the perms on /var/spool/mail?
0
 
LVL 12

Author Comment

by:j2
ID: 2839074
[root@gatekeeper /root]# ls -la /var/spool/                
total 44
drwxr-xr-x   11 root     root         4096 May 10 12:39 .
drwxr-xr-x   18 root     root         4096 Mar 31 15:34 ..
drwxr-xr-x    2 root     root         4096 May  1 04:42 anacron
drwx------    3 daemon   daemon       4096 Mar 31 15:29 at
drwx------    2 root     root         4096 May 17 22:01 cron
drwxrwxr-x    2 root     daemon       4096 Mar 31 15:40 lpd
drwxrwxr-x    2 root     mail         4096 May 23 18:03 mail
drwxr-xr-x    2 root     root         4096 May 23 18:03 mqueue
drwxr-xr-x    2 root     root         4096 Feb  7 21:20 rwho
drwxr--r--   18 squid    squid        4096 May 21 04:02 squid
drwxr-xr-x    5 root     root         4096 May 10 12:39 vmail
[root@gatekeeper /root]# ls -la /var/spool/mail/
total 76
drwxrwxr-x    2 root     mail         4096 May 23 18:03 .
drwxr-xr-x   11 root     root         4096 May 10 12:39 ..
-rw-------    1 aslin    popusers     2051 May 23 16:32 aslin
-rwxrwxrwt    1 chand    popusers      559 May 23 14:41 chand
-rwxrwxrwt    1 hajan    popusers      559 May 19 12:10 hajan
-rw-rw----    1 lebun    mail          559 May 23 16:46 lebun
-rwxrwxrwt    1 makje    mail          559 May 23 13:30 makje
-rwxrwxrwt    1 mikje    popusers      559 May 23 15:28 mikje
-rw-------    1 mikoh    popusers      559 May 23 10:55 mikoh
-rw-------    1 motho    popusers     3805 May 23 18:03 motho
-rwxrwxrwt    1 padah    popusers     1820 May 19 09:29 padah
-rw-------    1 root     root         3522 May 23 04:00 root
-rw-------    1 stgus    popusers      559 May 22 08:54 stgus
-rwxrwxrwt    1 vatim    popusers      559 May 18 14:29 vatim
-rwxrwxrwt    1 wmjajoa  wmjajoa     16853 May 17 22:00 wmjajoa
[root@gatekeeper /root]#


Found something, the perms goes to heck when a new spoolfile is created, AND it looks related to using the "stock" linuxconf on a RH system, will compare the Two linuxconfs configs and see if i can see something
0
 
LVL 12

Author Comment

by:j2
ID: 2864541
Found it. Its because i am using the "stock" Linuxconf and not the RH version. Whats the mask 1777 when expressing it as:
[X] May read                  xx        
                            x       x[X] May write                 xx        
                            x       x[X] May execute               xx        
                            xGroup  x[X] May read                  xx        
                            x       x[X] May write                 xx        
                            x       x[X] May execute               xx        
                            xOthers x[X] May read                  xx        
                            x       x[ ] May write                 xx        
                            x       x[X] May execute               xx        
                            x       xqqqqqqqqSpecial flagsqqqqqqqqqxx        
                            x       x[ ] Setuid flag               xx        
                            x       x[ ] Setgid flag               xx        
                            x       x[X] Restriction on directory  xx        
0
 
LVL 40

Accepted Solution

by:
jlevie earned 10 total points
ID: 2868124
The "sticky bit" 1000 would be the "Restriction on directory" setting above. Having all options except "Setuid flag" and "Setgid flag" selected should yield a mode of 1777.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 12

Author Comment

by:j2
ID: 2868151
And right you are :)

Ive been over every manpage on chmod et. al. to find a bitmaping over the permissions but came up blank.
0
 
LVL 12

Author Comment

by:j2
ID: 2868158
Comment accepted as answer
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2871561
The man page you need is "man 2 chmod" and the bit of interest is S_ISVTX (01000 sticky bit).
0
 
LVL 12

Author Comment

by:j2
ID: 2871574
Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you.

THAT is something i did not know :)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2872597
You're welcome... Glad to add to the general knowledge base...
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

In this tutorial I will explain how to make squid prevent malwares in five easy steps: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-…
How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now