squirrelmail/sasldb2 access problem
Martin Schweizer
lists_freebsd at bluewin.ch
Fri Oct 20 10:06:51 UTC 2006
Hello
I use cyrus (incl. sasldb2) , apache, sendmail and squirrelmail (incl. plugin
to change the sasl password).
My problem is that /usr/local/etc/sasldb2.db needs the following right that
squirrelmail can change the password in the db:
-rw-rw-rw- 1 root cyrus 24576 20 Okt 11:46 sasldb2.db
This is a security hole, isn't it? Do you have any ideas?
--
Regards
Martin Schweizer
<info at pc-service.ch>
PC-Service M. Schweizer GmbH; Bannholzstrasse 6; CH-8608 Bubikon
Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch;
public key : http://www.pc-service.ch/pgp/public_key.asc;
fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20061020/55dd8e5c/attachment.pgp
More information about the freebsd-questions
mailing list