mail folder vulnerable
Kris Kennaway
kris at obsecurity.org
Fri Apr 16 00:49:26 PDT 2004
On Fri, Apr 16, 2004 at 10:37:36AM +0300, Radu MOLNAR wrote:
> yes, i'm using pine from ports
>
> --------------------------------
> Radu Molnar
> Babes-Bolyai Comunication Center
> --------------------------------
>
>
> On Fri, 16 Apr 2004, Kris Kennaway wrote:
>
> > On Fri, Apr 16, 2004 at 09:58:31AM +0300, Radu MOLNAR wrote:
> > >
> > > Hello list
> > >
> > > pine gives me this message:
> > > [Folder vulnerable - directory /var/mail must have 1777 protection]
> > > why?
> > >
> > > ls -l in my home dir:
> > > drwx------ 2 taipan wheel 512 Apr 15 09:26 mail
> > >
> > > an ls -l in /var/mail:
> > > -rw------- 1 taipan wheel 11089 Apr 16 09:52 taipan
> > >
> > > is this serious?
> >
> > I believe the error message is wrong on FreeBSD, and it should not be
> > there if you use the FreeBSD port.
You didn't ls -ld /var/mail; mode 1777 should not be needed on
FreeBSD, but perhaps you have incorrect permissions still. Or, the
pine port could just be wrong (maybe I'm mis-remembering that the
warning was removed, or maybe it came back).
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040416/44b3a212/attachment-0001.bin
More information about the freebsd-questions
mailing list