Today Dick Hoogendijk wrote:

> Maybe a silly question but still, security has to be as high as
> possible, so, here it is:
>
> I installed procmail and got the fbsd warning about the program running
> with set user and group ID (root/mail) known as a security risk.
> What about this message? Procmail has persmission 6755. Is it nessacery
> for the prog to be world readable/executable? do I need to set things
> different or do I see ghosts? :-))

 How do you use procmail? Do you use it with sendmail? Is procmail the local
delivery agent or invoked from the user ~/.forward* file? Is sendmail
setuid root or running as root (confRUN_AS_USER/RunAsUser)?

 So there is many open question. Drop the setuid/setgid bits, and see
what happens.

        -andrew


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to