topic ipop3 file permissions setup in Operating System - Linux

ipop3 file permissions setup

Vernon Brown_4 — Thu, 01 Jul 2004 13:11:35 GMT

I get the following error out of LogWatch each morning. What are the chmod xxx numbers that will result in the 1777 protection ??

**Unmatched Entries** Mailbox vulnerable - directory /var/spool/mail must have 1777 protection: 54 Time(s) ---------------------- ipop3d End -------------------------

Thanks for any response !!

Re: ipop3 file permissions setup

unknown_6 — Thu, 01 Jul 2004 13:29:20 GMT

Greetings,
First I'd like to suggest a trip to:
man chmod. You'll find it an invaluable trip.
You can also get similar results on the web at:
http://man.dnswatch.com (for *BSD but very
similar). OK, and now for the answer to your
question...
You need to type chmod 1777 (whatever directory
it's complaining about), eg;
chmod 1777 mymailbox. You might be confused
because of the 4th octet as most ppl are more
accustomed to seeing (or using 3). The extra
octet is the "sticky" bit. Meaning all subs
of the folder inherit the same premissions
as it's parent.

Have fun!

Chris out...

Re: ipop3 file permissions setup

Steven E. Protter — Thu, 01 Jul 2004 13:31:43 GMT

cd /var/mail

make the permissions look like this:

-rw------- 1 root mail 31098315 Jul 1 13:18 root

This applies to all files.

The group on allthese files needs to be mail.

The intended user must own it.

When I got this message, what I recommend above is all I did. The message did not go away immediately, but eventually did.

Don't do a chomod 1777, just look for files with those permissions. You probably won't find any.

SEP

Re: ipop3 file permissions setup

Steven E. Protter — Thu, 01 Jul 2004 13:34:28 GMT

Its probably okay to chmod 1777 the directory.

Here are my permissions RH ES 3

drwxr-xr-x 17 root root 4096 Feb 21 21:03

Not getting the error.

SEP
Jerusalem

Re: ipop3 file permissions setup

Vernon Brown_4 — Thu, 01 Jul 2004 15:36:18 GMT

Ok thanks; I'll give it a shot. I didn't see how chmod 1777 could work to make the Mailbox less vulnerable; seems like it would be more so.

Vern

Re: ipop3 file permissions setup

Vernon Brown_4 — Thu, 01 Jul 2004 15:41:20 GMT

After a trip to man chmod I see that the sticky bit set on a directory makes it so that only root can change or remove files in the directory. The stickybit not set must be causing the complaint.

Vern

Re: ipop3 file permissions setup

Stuart Browne — Thu, 01 Jul 2004 18:00:46 GMT

Sticky bit (also usually on /tmp/) is set to allow only root, or the person who created the file to remove it.