Hi, On 11-Jul-01 Paco wrote:
Hi
sorry but my english is no good
When I start sendmail, i get the following messages in log file:
Daemon could not open control socket /var/run/sendmail/control: Group writable directory
Sendmail starts ok.
sendmail, for security reasons, does not like the directory /var/run/sendmail or /var/run to be in mode 775. The configuration option which makes sendmail less picky about these permissions is DontBlameSendmail. If enabled, sendmail does not check any permissions whatsoever. This is no good idea because you may open your system to serious security holes if your permissions, e. g. in the home dirs of your users, are badly set. This way, all group-members (like "users") could create and/or modify .forward-files to do all sorts of nasty things... You can set the permissions of /var/run to 755 (instead of 775) in /etc/permissions and manually change the perms of /var/run afterwards. That way, SuSEconfig/seccheck does not change the perms back to 775. However, be careful, some programs may need the perms of 775; do some tests after you've changed permissions. Btw., the reason why the option mentioned above is called "DontBlameSendmail" is that you should not blame the sendmail.org team for any security breaches taking place after implementing this option... ;) [...]
Anyone can help me?
Thanks [...]
---
Boris Lorenz