dziwne komunikaty z logów przy starcie postfixa
Tomasz Kłoczko
kloczek w rudy.mif.pg.gda.pl
Wto, 25 Lip 2000, 13:28:48 CEST
Właśnie Micjał zauważył, że pojawiaja sie takie dość
dziwne komuniakty. Sprawdziłem i u mnie to wygląda tak:
Jul 25 13:49:55 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/.
Jul 25 13:49:55 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./bounce
Jul 25 13:49:55 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./cleanup
Jul 25 13:49:55 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./error
Jul 25 13:49:55 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./local
Jul 25 13:49:55 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./master
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./pickup
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./pipe
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./qmgr
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./showq
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./smtp
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./smtpd
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./trivial-rewrite
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./lmtp
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /usr/lib/postfix/./nqmgr
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/.
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./access
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./aliases
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./canonical
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./master.cf
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./postfix-script
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./virtual
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./main.cf~
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./main.cf
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./relocated
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./access.db
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./transport
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./main.cf.rpmnew
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./aliases.db
Jul 25 13:49:56 cenzor postfix-script: warning: group or other writable: /etc/mail/./canonical.db
Jul 25 13:49:57 cenzor postfix-script: warning: group or other writable: /etc/mail/./relocated.db
Jul 25 13:49:57 cenzor postfix-script: warning: group or other writable: /etc/mail/./transport.db
Jul 25 13:49:57 cenzor postfix-script: warning: group or other writable: /etc/mail/./virtual.db
Jul 25 13:49:57 cenzor postfix-script: warning: group or other writable: /etc/mail/./mail.rc
Przykładowo:
[root w cenzor log]# ls -l /usr/lib/postfix/./bounce
-rwxr-xr-x 1 root root 431131 cze 1 09:01 /usr/lib/postfix/./bounce
imho nie powinien sie pluć o to ze z roota mozna pisać bo jak ktoś już ma
uid czy nawet euid =0 to przejęcie pełnych uprawnień nie jest juz żadna
sztuką, a pisanie po plikach bez praw zapisu przy uid=0 nie jest niczm
niewykonalnym.
Ktoś zna podstawy wrzucania takich ostrzeżeń ?
(już nie wspomnę, że pluje sie o pliki do których nie powinien sie pluć
jak *~ czy *.rpmnew).
kloczek
--
-----------------------------------------------------------
*Ludzie nie mają problemów, tylko sobie sami je stwarzają*
-----------------------------------------------------------
Tomasz Kłoczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek w rudy.mif.pg.gda.pl*
Więcej informacji o liście dyskusyjnej pld-devel-pl