Subject: Re: Sendmail is filling my logs
To: Andrew Brown <>
From: Tim D. Bandy <>
List: current-users
Date: 02/21/2000 09:09:04
Also sprach Andrew Brown:
!: >But isn't this warning message (a) wrong, (b) confusing and in this case
!: >completely inappropriate (what is the security implication of my case
!: >that I can't see)?
!: >Feb 18 21:23:11 rumolt sendmail[239]: VAA00257: forward /home/martin/.forward.rumolt: Group writable directory
!: if you read it like this: (a) sendmail was looking for a .forward type
!: file, (b) here's the path it was checking, and (c) that path contains
!: a group writable directory, then it's perfectly acceptable.  it's a
!: bit of a stretch, but that's it.
!: the security risk to you is that sendmail thinks it's possible that
!: someone can steal your mail.

Actually, to escalate this a bit further, sendmail thinks that it's
possible that someone can steal your account.  Remember that sendmail
will execute programs on behalf of the user out of .forward files.

Tim Bandy ( | UNIX system administrator | Finger for pgp key
-- ## -- ## I accept donations in the form of fresh coffee beans ## -- ## --
-- ## -- ## Valiantly trying to stay unsoiled by MS since 1994   ## -- ## --
"We are a great software company. That's
the only image anyone should have of    
us." -- Bill Gates