On Mon, Jun 25, 2007 at 11:58:04PM -0700, Murray S. Kucherawy <[EMAIL PROTECTED]> wrote: > The socket is created using only umask by the bind() call in listener.c. > The only other files created are: > > - temp files in libdkim, if needed because DKIM_LIBFLAGS_TMPFILES or > DKIM_LIBFLAGS_KEEPFILES is set; these are created by a call to mkstemp() > which (according to the man pages) forces the mode to 0600 so the umask > doesn't matter > > - the cache database in libdkim, if _FFR_QUERY_CACHE is enabled and the > cache gets big enough to require a backing store file be created; it's > unclear whether the mode of this is forced to 0600 or not (I think it is), > but nothing other than dkim-filter needs to access this (and I believe > it's unlinked immediately on creation anyway) > > - the stats database in dkim-filter, which must be created with > permissions such that someone running dkim-stats can read the database
Okay, that's quite helpful. > If we can come up with a use case in which the current implementation is > insufficient, I can possibly justify a patch of some kind to libmilter. Just IMO, this all sounds very reasonable; I'm just picking brains to figure out how to best make a package that's usable by the most configurations with the least tweaking, since this IS intended to eventually end up in a stable release... :). Given the detail above, SM's patch + umask seems like it should do the trick nicely. (From a purely selfish perspective: I'm not building with _FFR_QUERY_CACHE, so even if that isn't forced to 0600, it's not a problem here.) -- Mike Markley <[EMAIL PROTECTED]> The universal thing about sysadmins is that we're lazy as hell. - Morgan McMillian ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
