|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Wietse Venema (wietse
porcupine.org)Date: Wed Apr 17 2002 - 08:57:20 CDT
p dont think:
> Just curious if these file permissions (from
> /etc/postfix) are OK? Do they need to be
> executable by ANYONE???
>
> -rwxr-xr-x 1 root root 5425 Mar 11 02:06 postfix-script*
> -rw-r--r-- 1 root root 652 Oct 1 2001 postfix-script-diff
> -rwxr-xr-x 1 root root 6303 Oct 1 2001 postfix-script-nosgid*
> -rwxr-xr-x 1 root root 6329 Oct 1 2001 postfix-script-sgid*
> -rwxr-xr-x 1 root root 17970 Mar 11 02:06 post-install*
What opportunities for leveraging privileges would an unprivileged
user get from executing a file that has no set-uid or set-gid bits
set?
Wietse
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]