HPE Community
Operating System - HP-UX
1827293 Members
3174 Online
109717 Solutions
New Discussion

mail home file permissions

 
SOLVED
Go to solution
James Odak
Valued Contributor

‎02-20-2003 09:58 AM

‎02-20-2003 09:58 AM

mail home file permissions

i noticed that when a users home directory has group or wolrd write permissions you get a message as follows when trying to use sendmail

# sendmail -v username
username... forward: /home/username/.forward.sphpob21+: Group writable directory
username... forward: /home/username/.forward+: Group writable directory
username... forward: /home/username/.forward.sphpob21: Group writable directory
username... forward: /home/username/.forward: Group writable directory
sphpob21:root:/home


however the mail works fine even though the message is disolayed. it is delivered and i see no problems ..is this just a warning? will it cause any problems with mail?

curious .. whoever scripted the home directory creation (running NIS) scripting it with 777 permissions and wondering if i need to make a case to change this


thanks
0 Kudos
6 REPLIES 6
Ross Zubritski
Trusted Contributor

‎02-20-2003 10:04 AM

‎02-20-2003 10:04 AM

Re: mail home file permissions

Sendmail is VERY picky when it comes to "Global" perms.

Most likely /home and/or /home/username is world writable

chmod g-w /home/username

does that fix it?

If so, I would think that NIS should not be setting the users home directory to 777. Sounds like an unannounced "feature".

Regards

REZ



0 Kudos
James Odak
Valued Contributor

‎02-20-2003 10:28 AM

‎02-20-2003 10:28 AM

Re: mail home file permissions

Heh, i KNOW that is why i am getting the error
what bothers me is even tho i get the error mail still delivers
if /var or /etc has world writeable permissions it will not even deliver the message

i just want to know if i can leave the /home/user permissions wide open and just ignore the message

i just know if i make a stink about changing user home dir permissions someone is gonna gripe ...and personaly i see very little problem with leaving them wide open as long as the user knows and doesn'r care
0 Kudos
Ross Zubritski
Trusted Contributor

‎02-20-2003 10:36 AM

‎02-20-2003 10:36 AM

Re: mail home file permissions

Hey,

If the users are willing to risk the potential consquences, why change it?

;)

RZ
0 Kudos
Frank Slootweg
Honored Contributor

‎02-21-2003 01:33 AM

‎02-21-2003 01:33 AM

Re: mail home file permissions

Perhaps I am missing something, but group writable home directories are ummm ... un-smart, and you seem to know that but you still are asking us if they are a problem?

Writable directories means that people in the group can remove and replace things at will. They can even reset mode/UID/GID and timestamps after a replacemen, so you will not even *see* that things were changed.

Bottom line: Not good.
0 Kudos
T G Manikandan
Honored Contributor

‎02-21-2003 01:39 AM

‎02-21-2003 01:39 AM

Solution

Re: mail home file permissions

http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000064900548
James Odak
Valued Contributor

‎02-21-2003 07:09 AM

‎02-21-2003 07:09 AM

Re: mail home file permissions

TG thanks that is exactly what i waslooking for

Frank, i realize it is bad, however it is a "design" that was in place before my time with this company ... changing the persmissions on a home directory(s) just because it isn't a best practice will not get all that much attention (home directories are consisdered to be at the whim of the user)
However if i can argue that it was causing a definite problem .. makes things a lot easier

Thanks for all the input

Jim
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.