Mailbox vulnerable?

Olga olga at urbantimes.net
Mon Jun 28 14:25:18 UTC 2004 

drwxrwxrwt root mail

It's because Fedora 1 has a different version of imap than
7.3.

Quoting Hongwei Li <hongwei at morpheus.wustl.edu>:

> Thanks!  But my rh7.3 box has
>
> # ls -ld /var/spool/mail/
> drwxr-xr-x    2 root     root         4096 Jun 28 08:00
> /var/spool/mail/
>
> but never shows any warning message.  Is it because rh7.3
> is too old?
>
> Also, should it be drwxrwxrwt or drwxrwxr-t? should it be
>
> drwxrwxrwt root mail
>
> or
>
> drwxrwxrwt root root?
>
> Thanks!
>
>
> > /var/spool/mail should have the following permissions:
> > drwxrwxrwt (it should have the sticky bit set).
> >
> > Quoting Hongwei Li <hongwei at morpheus.wustl.edu>:
> >
> >> Hi,
> >>
> >> We have a fc1 box.  We have he permissions setting as:
> >>
> >> # ls -ld /var/spool/mail
> >> drwxrwxr-x  2 root mail 4096 Jun 28 08:43
> /var/spool/mail
> >> # ls -ld /tmp
> >> drwxrwxrwt  11 root root 24576 Jun 28 08:43 /tmp
> >>
> >> The LogWatch always shows the warning:
> >>
> >> Mailbox vulnerable - directory /var/spool/mail must
> have
> >> 1777 protection
> >>
> >> When a regular user (except root) opens pine to read
> >> mails, he also sees
> >> this message at the very beninning for about 1 to 2
> >> seconds.  As I
> >> understand, the permission drwxrwxr-x is correct.
> What
> >> is wrong?  Do I
> >> need to change the permission on the mail directory?
> if
> >> yes, change it to
> >> what?
> >>
> >> Thanks!
> >>
> >> Hongwei
> >>
> >>
> >> --
> >> fedora-list mailing list
> >> fedora-list at redhat.com
> >> To unsubscribe:
> >> http://www.redhat.com/mailman/listinfo/fedora-list
> >>
> >
> >
> >
> >
> >
>
----------------------------------------------------------------
> > This message was sent using IMP, the Internet Messaging
> Program.
> >
> >
> > --
> > fedora-list mailing list
> > fedora-list at redhat.com
> > To unsubscribe:
> http://www.redhat.com/mailman/listinfo/fedora-list
> >
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe:
> http://www.redhat.com/mailman/listinfo/fedora-list
>




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

More information about the fedora-list mailing list