Date:      Mon, 30 Dec 2002 15:11:42 +0100 (CET)
From:      Andrew Prewett <andrew@kronos.HomeUnix.com>
To:        freebsd-questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: procmail security question
Message-ID:  <20021230145045.G13526@slave.east.ath.cx>
In-Reply-To: <20021230115740.GA3719@pooh.nagual.st>
References:  <20021230115740.GA3719@pooh.nagual.st>

Today Dick Hoogendijk wrote:

> Maybe a silly question but still, security has to be as high as
> possible, so, here it is:
>
> I installed procmail and got the fbsd warning about the program running
> with set user and group ID (root/mail) known as a security risk.
> What about this message? Procmail has permission 6755. Is it necessary
> for the prog to be world readable/executable? Do I need to set things
> different or do I see ghosts? :-))

 How do you use procmail? Do you use it with sendmail? Is procmail the local
delivery agent or invoked from the user ~/.forward* file? Is sendmail
setuid root or running as root (confRUN_AS_USER/RunAsUser)?

 So there are many open questions. Drop the setuid/setgid bits, and see
what happens.

	-andrew
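
Added example, not part of the original message: a POSIX sh sketch that decodes the mode 6755 from the question and clears the setuid/setgid bits as the reply suggests. It works on a scratch file created with mktemp rather than on the installed procmail binary; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original thread). Operates on a scratch file only.

# describe_mode MODE: decode a 3- or 4-digit octal mode, e.g. 6755.
describe_mode() {
    m=$((0$1))                      # leading 0 makes the shell read it as octal
    out=""
    if [ $((m & 04000)) -ne 0 ]; then out="${out}setuid "; fi
    if [ $((m & 02000)) -ne 0 ]; then out="${out}setgid "; fi
    if [ $((m & 01000)) -ne 0 ]; then out="${out}sticky "; fi
    for s in 6 3 0; do              # owner, group, other
        t=$(( (m >> s) & 7 ))
        if [ $((t & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $((t & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
        if [ $((t & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    done
    printf '%s\n' "$out"
}

# drop_privbits FILE: clear setuid and setgid, then verify with test -u / -g.
drop_privbits() {
    f=$1
    [ -f "$f" ] || { echo "not a regular file: $f" >&2; return 1; }
    chmod u-s,g-s "$f" || return 1
    if [ -u "$f" ] || [ -g "$f" ]; then
        echo "setuid/setgid still set on $f" >&2
        return 1
    fi
    return 0
}

# Demo on a constructed scratch file carrying the mode from the question.
demo() {
    scratch=$(mktemp) || return 1
    chmod 6755 "$scratch"
    echo "6755 -> $(describe_mode 6755)"
    drop_privbits "$scratch" && echo "0755 -> $(describe_mode 0755)"
    rm -f "$scratch"
}
demo
```

The last three characters of the decoded string are the "other" permissions, which is what the world readable/executable part of the question refers to.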

