Philip explained why 1777 perms on a logfile directory are a bad idea:
| Having such as log directory be world-writable without pre-creating all
| logfiles creates possible security holes ...
| So, as long as you have to pre-create all the logfiles, why make the
| directory world-writable at all?
Fair enough. Thanks for explaining that.
| Might as well set the mode to 755 and be done with it.
Or even to 711.
| Note that procmail is paranoid about compiled files and paths that are
| accessed as part of a 'user context crossing'. For example,
| procmail -d userb
| will make procmail access all of the following:
| userb's mailspool
| userb's home directory
| userb's .procmailrc
That's only if procmail is setuid root, or (under certain OSes) setuid userb
and setgid to userb's login group. Many of us have to invoke an
unprivileged binary from .forward.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail