Subject: Re: Sendmail is filling my logs
To: Andrew Brown <firstname.lastname@example.org>
From: Tim D. Bandy <email@example.com>
Date: 02/21/2000 09:09:04
Also sprach Andrew Brown:
!: >But isn't this warning message (a) wrong, (b) confusing and in this case
!: >completely inappropriate (what is the security implication of my case
!: >that I can't see)?
!: >Feb 18 21:23:11 rumolt sendmail: VAA00257: forward /home/martin/.forward.rumolt: Group writable directory
!: if you read it like this: (a) sendmail was looking for a .forward type
!: file, (b) here's the path it was checking, and (c) that path contains
!: a group writable directory, then it's perfectly acceptable. it's a
!: bit of a stretch, but that's it.
!: the security risk to you is that sendmail thinks it's possible that
!: someone can steal your mail.
Actually, to escalate this a bit further, sendmail thinks that it's
possible that someone can steal your account. Remember that sendmail
will execute programs on behalf of the user out of .forward files.
Tim Bandy (firstname.lastname@example.org) | UNIX system administrator | Finger for pgp key
-- ## -- ## I accept donations in the form of fresh coffee beans ## -- ## --
-- ## -- ## Valiantly trying to stay unsoiled by MS since 1994 ## -- ## --
"We are a great software company. That's
the only image anyone should have of
us." -- Bill Gates