Rick Shepherd said: > Hey guys, > I have a Fedora server that logs the following message: > Mailbox vulnerable - directory /var/spool/mail must have 1777 protection
1777 means the "sticky bit", anyone can read/write to that directory, and have the files or directories owned by that user. This is appropriate for /var/spool/mail, as each user will have a mail file in there to store their mail. What I suspect is that the permissions are 777 for /var/spool/mail, which is very very bad. This means that anyone can erase or modify anyone else's mail. Try: chmod 1777 /var/spool/mail -- Mark C. Ballew [EMAIL PROTECTED] http://sublinear.net http://markballew.com PGP: 0xB2A33008 "I wish those people just would be quiet," -- Steve Ballmer, Microsoft CEO, complaining about computer security researchers. _______________________________________________ RLUG mailing list [EMAIL PROTECTED] http://www.rlug.org/mailman/listinfo/rlug
