oss-sec mailing list archives

Re: Postfix incorrect permissions on configurations. Request.

From: Michael Tokarev <mjt () tls msk ru>
Date: Tue, 09 Apr 2013 22:19:54 +0400

09.04.2013 22:08, Russ Thompson wrote:

Postfix is setting the following permissions by default on Debian Squeeze.  I'm seeing roughly the same on 
RHEL/CentOS 6.x, this appears to be a requirement of "sendmail.postfix"  

0755 /etc/postfix
0644 /etc/postfix/*
0755 /etc/postfix-script
0755 /etc/post-install

Which allows all users to execute these scripts and read configurations.  Setting to tighter/more typical permissions 
(i.e 640) results in:  postfix/sendmail[21007]: fatal: open /etc/postfix/main.cf: Permission denied


That's all nice, but can you elaborate a bit -- what is wrong
with that?  Which request do you have?  What it has to do with
oss-security?

Thanks,

/mjt

Current thread:

Postfix incorrect permissions on configurations. Request. Russ Thompson (Apr 09)
- Re: Postfix incorrect permissions on configurations. Request. Michael Tokarev (Apr 09)
  - Re: Postfix incorrect permissions on configurations. Request. Russ Thompson (Apr 09)
    - Re: Postfix incorrect permissions on configurations. Request. Michael Tokarev (Apr 09)
- <Possible follow-ups>
- Re: Postfix incorrect permissions on configurations. Request. Mike (Apr 09)