More RH6.2 wierdness.
May 17 21:19:59 gatekeeper ipop3d[5222]: Mailbox vulnerable - directory /var/spool/mail must have 1777 protection
Resetting the perms to 1777 works, but after a random time, this error is back. With no clue in the logs as to what has changed :-/
Resetting the perms to 1777 works, but after a random time, this error is back. With no clue in the logs as to what has changed :-/
When the warning shows up again, what are the perms on /var/spool/mail?
ASKER
[root@gatekeeper /root]# ls -la /var/spool/
total 44
drwxr-xr-x 11 root root 4096 May 10 12:39 .
drwxr-xr-x 18 root root 4096 Mar 31 15:34 ..
drwxr-xr-x 2 root root 4096 May 1 04:42 anacron
drwx------ 3 daemon daemon 4096 Mar 31 15:29 at
drwx------ 2 root root 4096 May 17 22:01 cron
drwxrwxr-x 2 root daemon 4096 Mar 31 15:40 lpd
drwxrwxr-x 2 root mail 4096 May 23 18:03 mail
drwxr-xr-x 2 root root 4096 May 23 18:03 mqueue
drwxr-xr-x 2 root root 4096 Feb 7 21:20 rwho
drwxr--r-- 18 squid squid 4096 May 21 04:02 squid
drwxr-xr-x 5 root root 4096 May 10 12:39 vmail
[root@gatekeeper /root]# ls -la /var/spool/mail/
total 76
drwxrwxr-x 2 root mail 4096 May 23 18:03 .
drwxr-xr-x 11 root root 4096 May 10 12:39 ..
-rw------- 1 aslin popusers 2051 May 23 16:32 aslin
-rwxrwxrwt 1 chand popusers 559 May 23 14:41 chand
-rwxrwxrwt 1 hajan popusers 559 May 19 12:10 hajan
-rw-rw---- 1 lebun mail 559 May 23 16:46 lebun
-rwxrwxrwt 1 makje mail 559 May 23 13:30 makje
-rwxrwxrwt 1 mikje popusers 559 May 23 15:28 mikje
-rw------- 1 mikoh popusers 559 May 23 10:55 mikoh
-rw------- 1 motho popusers 3805 May 23 18:03 motho
-rwxrwxrwt 1 padah popusers 1820 May 19 09:29 padah
-rw------- 1 root root 3522 May 23 04:00 root
-rw------- 1 stgus popusers 559 May 22 08:54 stgus
-rwxrwxrwt 1 vatim popusers 559 May 18 14:29 vatim
-rwxrwxrwt 1 wmjajoa wmjajoa 16853 May 17 22:00 wmjajoa
[root@gatekeeper /root]#
Found something, the perms goes to heck when a new spoolfile is created, AND it looks related to using the "stock" linuxconf on a RH system, will compare the Two linuxconfs configs and see if i can see something
total 44
drwxr-xr-x 11 root root 4096 May 10 12:39 .
drwxr-xr-x 18 root root 4096 Mar 31 15:34 ..
drwxr-xr-x 2 root root 4096 May 1 04:42 anacron
drwx------ 3 daemon daemon 4096 Mar 31 15:29 at
drwx------ 2 root root 4096 May 17 22:01 cron
drwxrwxr-x 2 root daemon 4096 Mar 31 15:40 lpd
drwxrwxr-x 2 root mail 4096 May 23 18:03 mail
drwxr-xr-x 2 root root 4096 May 23 18:03 mqueue
drwxr-xr-x 2 root root 4096 Feb 7 21:20 rwho
drwxr--r-- 18 squid squid 4096 May 21 04:02 squid
drwxr-xr-x 5 root root 4096 May 10 12:39 vmail
[root@gatekeeper /root]# ls -la /var/spool/mail/
total 76
drwxrwxr-x 2 root mail 4096 May 23 18:03 .
drwxr-xr-x 11 root root 4096 May 10 12:39 ..
-rw------- 1 aslin popusers 2051 May 23 16:32 aslin
-rwxrwxrwt 1 chand popusers 559 May 23 14:41 chand
-rwxrwxrwt 1 hajan popusers 559 May 19 12:10 hajan
-rw-rw---- 1 lebun mail 559 May 23 16:46 lebun
-rwxrwxrwt 1 makje mail 559 May 23 13:30 makje
-rwxrwxrwt 1 mikje popusers 559 May 23 15:28 mikje
-rw------- 1 mikoh popusers 559 May 23 10:55 mikoh
-rw------- 1 motho popusers 3805 May 23 18:03 motho
-rwxrwxrwt 1 padah popusers 1820 May 19 09:29 padah
-rw------- 1 root root 3522 May 23 04:00 root
-rw------- 1 stgus popusers 559 May 22 08:54 stgus
-rwxrwxrwt 1 vatim popusers 559 May 18 14:29 vatim
-rwxrwxrwt 1 wmjajoa wmjajoa 16853 May 17 22:00 wmjajoa
[root@gatekeeper /root]#
Found something, the perms goes to heck when a new spoolfile is created, AND it looks related to using the "stock" linuxconf on a RH system, will compare the Two linuxconfs configs and see if i can see something
ASKER
Found it. Its because i am using the "stock" Linuxconf and not the RH version. Whats the mask 1777 when expressing it as:
[X] May read xx
x x[X] May write xx
x x[X] May execute xx
xGroup x[X] May read xx
x x[X] May write xx
x x[X] May execute xx
xOthers x[X] May read xx
x x[ ] May write xx
x x[X] May execute xx
x xqqqqqqqqSpecial flagsqqqqqqqqqxx
x x[ ] Setuid flag xx
x x[ ] Setgid flag xx
x x[X] Restriction on directory xx
[X] May read xx
x x[X] May write xx
x x[X] May execute xx
xGroup x[X] May read xx
x x[X] May write xx
x x[X] May execute xx
xOthers x[X] May read xx
x x[ ] May write xx
x x[X] May execute xx
x xqqqqqqqqSpecial flagsqqqqqqqqqxx
x x[ ] Setuid flag xx
x x[ ] Setgid flag xx
x x[X] Restriction on directory xx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
And right you are :)
Ive been over every manpage on chmod et. al. to find a bitmaping over the permissions but came up blank.
Ive been over every manpage on chmod et. al. to find a bitmaping over the permissions but came up blank.
ASKER
Comment accepted as answer
The man page you need is "man 2 chmod" and the bit of interest is S_ISVTX (01000 sticky bit).
ASKER
Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you.
THAT is something i did not know :)
THAT is something i did not know :)
You're welcome... Glad to add to the general knowledge base...