I give up...
Márcio da Rós Gomes
marciorg at inf.ufes.br
Wed Dec 15 12:55:34 UTC 2004
> No, I've also problems with squirrelmail when trying to send emails
> with attachments (simple emails without attachments are OK):
I had a problem like this and the attachment dir
(/var/spool/squirrelmail/attach/) had the wrong permissions. I changed the
permissions and everything worked as expected with SElinux enabled and
enforcing. I think the squirrelmail rpm is not setting the correct permissions
on that dir.
Below is a note of the squirrelmail config script:
-------------------------------
Note: There are a few security considerations regarding this
directory:
1. It should have the permission 733 (rwx-wx-wx) to make it
impossible for a random person with access to the webserver
to list files in this directory. Confidential data might
be laying around in there.
Depending on your user:group assignments, 730 (rwx-wx---)
may be possible, and more secure (e.g. root:apache)
2. Since the webserver is not able to list the files in the
content is also impossible for the webserver to delete files
lying around there for too long.
3. It should probably be another directory than the data
directory specified in option 3.
--------------------------------
Maybe this helps,
Marcio
More information about the fedora-selinux-list
mailing list