On 2009-04-01, at 1001, Manvendra Bhangui wrote:

For the RPM installation, it is a good practice to set the permission for
every file/directory under the %files section. It shouldn't be done under
%pre or %post section because then the RPM cannot figure out the permissions
till it runs the script under %pre or %post section.

Example of how the entries should be:

%dir %attr(555,vpopmail,vchkpw)  %{_prefix}
%attr(4555,root,root)                     %{_prefix}/bin/vadduser
%attr(4555,root,root)                     %{_prefix}/bin/printdir
%attr(4555,root,root)                     %{_prefix}/bin/vdeluser
%attr(4555,root,root)                     %{_prefix}/bin/vbulletin
%attr(4555,root,root)                     %{_prefix}/bin/vdominfo
%attr(4555,root,root)                     %{_prefix}/bin/vadddomain
%attr(4555,root,root)                     %{_prefix}/bin/vdeldomain

i hope these aren't the settings you're actually using on a real server anywhere.

if so, ANY user on the system, including the apache anonymous user, can wipe out every mailbox on the system, with one command.

you DO NOT want these to be setuid root. in fact, you don't want ANY of the binaries to be setuid root, except possibly for vpopmaild, and that only if you want to allow it to create and remove domains- otherwise it can run as the vpopmail user with no ill effects.

personally i think that's a better idea anyway. i don't WANT to be able to do something as drastic as adding or removing domains through a web interface. i would rather be required to SSH in and become root in order to do this.

| John M. Simpson    ---   KG4ZOW   ---    Programmer At Large |
| http://www.jms1.net/                         <j...@jms1.net> |
| http://video.google.com/videoplay?docid=-1656880303867390173 |
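
A check that can be run over a spec's %files section before building, as an added example that is not part of the original thread: it flags every %attr entry whose mode carries the setuid or setgid bit. The function name and the constructed no-setuid line are assumptions for illustration; the QUOTED entries are copied from the message above.

```python
import re

# One %files entry with an explicit %attr(mode,user,group), optionally %dir.
ATTR_RE = re.compile(
    r"^(?:%dir\s+)?%attr\(\s*(?P<mode>[0-7]+|-)\s*,\s*(?P<user>[^,\s]+)\s*,"
    r"\s*(?P<group>[^)\s]+)\s*\)\s+(?P<path>\S+)"
)
SETUID, SETGID = 0o4000, 0o2000


def audit_files_section(text):
    """Return (path, mode, reason) for each entry with a setuid/setgid bit."""
    findings = []
    for line in text.splitlines():
        m = ATTR_RE.match(line.strip())
        if not m or m["mode"] == "-":  # "-" means this %attr does not set a mode
            continue
        mode = int(m["mode"], 8)
        reasons = []
        if mode & SETUID:
            reasons.append("setuid " + m["user"])
        if mode & SETGID:
            reasons.append("setgid " + m["group"])
        if reasons:
            findings.append((m["path"], m["mode"], ", ".join(reasons)))
    return findings


# Entries copied from the quoted message above.
QUOTED = """\
%dir %attr(555,vpopmail,vchkpw)  %{_prefix}
%attr(4555,root,root)                     %{_prefix}/bin/vadduser
%attr(4555,root,root)                     %{_prefix}/bin/printdir
%attr(4555,root,root)                     %{_prefix}/bin/vdeluser
%attr(4555,root,root)                     %{_prefix}/bin/vbulletin
%attr(4555,root,root)                     %{_prefix}/bin/vdominfo
%attr(4555,root,root)                     %{_prefix}/bin/vadddomain
%attr(4555,root,root)                     %{_prefix}/bin/vdeldomain
"""

# Constructed line (an assumption for illustration, not from the thread):
# the same tool with no setuid bit, owned by the vpopmail user.
CONSTRUCTED_NO_SETUID = "%attr(0755,vpopmail,vchkpw) %{_prefix}/bin/vadduser"

if __name__ == "__main__":
    for path, mode, why in audit_files_section(QUOTED):
        print(f"FLAG {path}: mode {mode} ({why})")
    print("constructed line flagged:", bool(audit_files_section(CONSTRUCTED_NO_SETUID)))
```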
