Quoted from Stewart Stremler [29 Jan 2005]:
> begin quoting Don W. Jenkins as of Fri, Jan 28, 2005 at 09:57:51PM -0800:
> > procmail: Suspicious rcfile "/home/oakman/.procmailrc"
> > procmail: Couldn't read "/home/oakman/.procmailrc"
>
> This leads me to suspect permissions, either on the file, or on the path
> to the file (missing +x permission on a containing directory?).
Yes, all the checks that result in ``suspicious rcfile'' errors are
related to permission and ownership, a large number of which procmail
checks to ensure that others can't set up or replace an rcfile on a
user's behalf.
For the rcfile itself, these checks are made (according to the source
code for procmail-3.22):
+ Must be owned either by the user, or by root.
+ Must not be writable by other.
+ If checking the default rcfile, must not be writable by group unless:
* it's on a system where each user has its own group, and
* it's owned by the user's own group.
+ The above checks are waived if the rcfile is /dev/null.
For the _directory_ containing the rcfile, these checks are made:
+ Must not be writable by other.
+ If checking the default rcfile, must not be writable by group unless:
* it's on a system where each user has its own group, and
* it's owned by the user's own group.
+ The above checks are waived if it has the sticky bit set, on a system
where ownership giveaways are not allowed (i.e., only root can use
chown).
Any references above to ``on a system where...'' are settings checked
when procmail was compiled, i.e., you cannot alter the outcomes of
those checks short of recompilation.
Hope this helps,
---Chris K.
--
Chris, the Young One |_ I'd love to see "hacker" added to doctor and
Auckland, New Zealand |_ lawyer for things every parent wants their kid
http://cloud9.hedgee.com/ |_ to grow up to be. ---Tracy R. Reed
--
KPLUG-List mailing list
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
