HPE Community
Operating System - HP-UX
1832091 Members
2828 Online
110038 Solutions
New Discussion

Re: Sendmail warning

 
Oscar Castillo Murillo
Occasional Advisor

‎11-10-2004 11:00 AM

‎11-10-2004 11:00 AM

Sendmail warning

I running newaliases in sendmail for HP-UX 11.00 but display of following message

newaliases: cannot open /etc/mail/aliases: Group writable file

-rwxrwxrwx 1 root sys 897 Oct 28 22:57 aliases
-rwxrwxrwx 1 root mail 24576 Nov 10 17:54 aliases.db
0 Kudos
Reply
13 REPLIES 13
Michael Tully
Honored Contributor

‎11-10-2004 11:03 AM

‎11-10-2004 11:03 AM

Re: Sendmail warning

The permissions on these files should be like this:

# ll /etc/mail
total 270
-r--r--r-- 1 bin bin 1127 Aug 19 2003 aliases
-rw-r--r-- 1 root mail 24576 Nov 6 20:23 aliases.db
-r--r--r-- 1 bin bin 10222 Nov 14 2000 mailcap
-r--r--r-- 1 bin bin 94283 Apr 30 2002 sendmail.cf
-r--r--r-- 1 bin bin 732 Aug 31 2003 sendmail.cw
-rw-r--r-- 1 root mail 34 Nov 6 20:23 sendmail.pid
-r--r--r-- 1 bin bin 1012 Nov 14 2000 service.switch

One further thing to note, perhaps you'd better look at other files on your system. It looks to me it could be open slather for anyone wishing to hack your box.
Anyone for a Mutiny ?
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎11-10-2004 11:10 AM

‎11-10-2004 11:10 AM

Re: Sendmail warning

Having any world writeable files in the sendmail configuration is considered dangerous. It can allow your machine's sendmail configuration to be compromised by an unpriviledged user.

An example of this would be setting up a sendmail alias that can be used to send spam.

Change the permissions on the files to match those in the prior post and the warning will stop.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Oscar Castillo Murillo
Occasional Advisor

‎11-10-2004 11:14 AM

‎11-10-2004 11:14 AM

Re: Sendmail warning

I change of permitions but not resolved the problem

-rw-r--r-- 1 bin bin 897 Oct 28 22:57 aliases
-rw-r--r-- 1 root mail 24576 Nov 10 18:13 aliases.db

Now display of following message

warning: /etc/mail/aliases has world read or write permission. This is unsafe.
warning: /etc/mail/aliases.db has world read or write permission. This is unsafe
.
/etc/mail/aliases: 8 aliases, longest 9 bytes, 112 bytes total


0 Kudos
Reply
Lee Tae-kyung
Regular Advisor

‎11-10-2004 03:43 PM

‎11-10-2004 03:43 PM

Re: Sendmail warning

Hi Oscar,

Did you restart sendmail daemon after you modified the file's permission?

^^

Good day^^
I think I am a specialist in IT Korea^^. I am a programmer and SE and DBA
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎11-10-2004 04:15 PM

‎11-10-2004 04:15 PM

Re: Sendmail warning

There should be no write permissions on those files. root can write even if it owns and does not have write permissions.

Restart the sendmail daemon.

/sbin/init.d/sendmail stop
/sbin/init.d/sendmail start

Now it should stop warning.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎11-10-2004 04:21 PM

‎11-10-2004 04:21 PM

Re: Sendmail warning

Hi,

Ensure the permissions of /etc and /etc/mail are not set with world write permissions. Also check the home directory of root for appropriate permissions including /.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Oscar Castillo Murillo
Occasional Advisor

‎11-11-2004 02:51 AM

‎11-11-2004 02:51 AM

Re: Sendmail warning

I following your instructions, but the situation continue...see sentences.

# ./S541sendmail stop
kill: 3840: no such process
Killed
# ./S541sendmail start
InterScan Email VirusWall is up and running.
warning: /etc/mail/aliases has world read or write permission. This is unsafe.
warning: /etc/mail/aliases.db has world read or write permission. This is unsafe
.
0 Kudos
Reply
Fred Martin_1
Valued Contributor

‎11-11-2004 03:12 AM

‎11-11-2004 03:12 AM

Re: Sendmail warning

Perhaps the folder itself has wrong permissions?

For me, /etc/mail is:

dr-xr-xr-x bin bin /etc/mail


Fred
fmartin@applicatorssales.com
0 Kudos
Reply
Oscar Castillo Murillo
Occasional Advisor

‎11-11-2004 03:25 AM

‎11-11-2004 03:25 AM

Re: Sendmail warning

The permitions for directory /etc/mail as:

drwxr-xr-x 3 bin bin 1024 Nov 10 17:54 mail
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎11-11-2004 03:30 AM

‎11-11-2004 03:30 AM

Re: Sendmail warning

Hi,

Change the permissions to look like

dr-xr-xr-x 2 bin bin 1024 Mar 11 2004 /etc/mail

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Oscar Castillo Murillo
Occasional Advisor

‎11-11-2004 03:35 AM

‎11-11-2004 03:35 AM

Re: Sendmail warning

I make the changes but problem persist.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎11-11-2004 03:36 AM

‎11-11-2004 03:36 AM

Re: Sendmail warning

How about permissions on / and /etc?. Make sure they look like this.

dr-xr-xr-x 30 bin bin 8192 Nov 10 15:43 /etc
drwxr-xr-x 41 root root 1024 May 5 2004 /


-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎11-11-2004 03:39 AM

‎11-11-2004 03:39 AM

Re: Sendmail warning

warning: /etc/mail/aliases has world read or
write permission. This is unsafe.

warning: /etc/mail/aliases.db has world read or write permission. This is unsafe.

Recommended action

Execute the following commands.

# chmod 640 /etc/mail/aliases
# chmod 640 /etc/mail/aliases.db
# sendmail -bi

Best regards,
Robert-Jan
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.