procmail
[Top] [All Lists]

Re: .procmailrc dir permissions

2002-05-01 06:15:29
Sean,

Thanks for your reply.  I wasn't asking my question out of frustration
or with any criticism in mind. (Your response carries a sort of
frustrated "...you idiot" tone.  I don't know you, so I can't say what
you meant to convey.  Please forgive me if I misunderstood.)

Some of our users have been complaining that we've had to change
permissions on their home dirs in our development environment, saying
that the test is now invalid because it doesn't match production.  I
wanted to be able to tell them with certainty why the perm changes were
necessary, and had suspected that it was a security issue, but didn't
want to say so without an authoritative answer on the subject.

Thanks again for your help,
Justin

PSE-L(_at_)mail(_dot_)professional(_dot_)org wrote:

At 14:10 2002-04-30 -0500, Justin Heimburger did say:

My question is why has procmail become more strict with regards to these
permissions, and why was this change made?

Uh, because they were security issues, and good software addresses security
issues by fixing them not by quietly ignoring them.

I read through the history file, but the only mention of permissions was
in relation to a problem processing .procmailrc's in 700 dirs.

Specific mention of .procmailrc security for versions in the range which
you are talking about can be found in 3.11pre3 and v3.12.  They seem germaine.

---
  Sean B. Straw / Professional Software Engineering

  Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
  Please DO NOT carbon me on list replies.  I'll get my copy from the list.

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

-- 
Justin Heimburger
Edward Jones
DCS/Messaging
(314)515-4493
justin(_dot_)heimburger(_at_)edwardjones(_dot_)com
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>