Tris <tris(_at_)semireal(_dot_)net(_dot_)dhis(_dot_)org> writes:
Is there a good way to find out if ones procmailrc file has mode
security hole that could be used by a hacker, and does this happen
much with procmail?
Procmail checks the permissions and ownership of your home directory
and .procmailrc before trusting them. In general, it will not trust
your .procmailrc if either it or your home directory is either group
or world writable. When that happens, procmail will log a message
Suspicious rcfile "/path/to/.procmailrc"
to the maillog.
The exception is if procmail was compiled with the GROUP_PER_USER flag,
in which case group-writablity isn't a problem if and only if the group
involved is your primary (default) group. This is for systems where
each user has their own group and a default umask of 002, such that
home directories and .procmailrc files are mode 775 and 664, but still
trustable becuase the user is the only one in their group.
If you're not sure what the permissions are on your home directory or
.procmailrc file, you can see them with the commands
ls -ld $HOME
ls -l $HOME/.procmailrc
Philip Guenther
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail