mail folder vulnerable
kris at obsecurity.org
Fri Apr 16 01:38:30 PDT 2004
On Fri, Apr 16, 2004 at 11:31:27AM +0300, Radu MOLNAR wrote:
> mode for /var/mail was 1775.
It should be 0775.
> i changed it to 1777 and i dont get the
> message anymore. isn't 1777 a security risk?
Not really, but it does allow people to store arbitrary files there,
which you don't necessarily want. Mode 0775 is sufficient for FreeBSD
since the MTA has permission to write to the directory by virtue of
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040416/ec2db161/attachment.bin
More information about the freebsd-questions