[Dovecot] Security issue #5: mail_extra_groups setting is often used insecurely
Benoit Branciard
Benoit.Branciard at univ-paris1.fr
Tue Mar 4 14:42:19 EET 2008
Timo Sirainen a écrit :
>>> 2a) mbox: Any files/directories under mail group-writable directories
>>> can be created/deleted/renamed by symlinking the directory under
>>> ~/mail/. For example ln -s /var/mail ~/mail/var, DELETE var/root will
>>> happily delete root's mailbox. This I hadn't thought about before.
>>
>> Not if /var/mail is set sticky, which is the case on all good modern
>> Unix systems:
>
> Right. That's why it was included in the workarounds. :)
>
> Anyway I also thought that /var/mail would be sticky in at least some
> systems. I couldn't find a single one. CentOS 5, Debian, FreeBSD 6.2,
> Solaris 10 none have it sticky by default.
All our Debian Sarge and Etch systems (with Sendmail and procmail
packages) have /var/mail sticky by default, we didn't modify it ourselves.
--
Ce message a ete verifie par MailScanner
pour des virus ou des polluriels et rien de
suspect n'a ete trouve.
More information about the dovecot
mailing list