This one has bothered me a bit. I can understand why wwwoffled(8) needs to access the spool directory, but it strikes me as being a bit odd having the config directory owned by wwwoffle. Could this be exploitable, in the event of a hole in wwwoffled(8)? It seems rather contrary to the spirit of the wwwrun login, to have a system directory modifiable by it. I assume the user is there to minimise impact in the event of wwwoffled(8) being compromised, but currently it could write to its own config file, surely a _bad_ thing.

linux:/etc/wwwoffle # ps auxww | grep wwwoff
wwwrun 420 0.0 0.2 2200 740 ? S Jan06 0:02 /usr/sbin/wwwoffled -c /etc/wwwoffle/wwwoffle.conf
root 9317 0.0 0.2 1620 596 pts/4 S 17:38 0:00 grep wwwoff
linux:/etc/wwwoffle # ls -lgd /var/spool/wwwoffle
drwxr-x--- 20 wwwrun root 453 Jun 4 2001 /var/spool/wwwoffle
linux:/etc/wwwoffle # ls -lgd /etc/wwwoffle/
drwxr-x--- 3 wwwrun root 173 Jan 7 17:14 /etc/wwwoffle/
linux:/etc/wwwoffle # ls -lgd /old/root/etc/wwwoffle/
drwxr-x--- 3 wwwrun root 83 Nov 2 13:39 /old/root/etc/wwwoffle/
linux:/etc/wwwoffle

The '/old/root' stuff is a backup of my SuSE 7.1 config, so I know it's affected as well.

I would expect something like root ownership, with read access to a group that wwwrun is in, if the wwwoffle config directory is sensitive enough to prevent world read access.

chmod 570 /etc/wwwoffle won't work because the owner could chmod the directory :(

Rob
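
A check for the condition raised in this post, as an added example that is not part of the original message or of wwwoffle: it reports whether a given account can alter a directory, treating ownership as sufficient regardless of mode bits, which is why chmod 570 does not help. The function name can_modify and its cm_ variables are hypothetical; it assumes GNU coreutils stat and does not consider ACLs.

```shell
#!/bin/sh
# can_modify UID "GID GID ..." PATH
# Returns 0 (and prints why) if the account can alter PATH's contents or
# permissions, 1 if it cannot, 2 if PATH cannot be inspected.
# Assumes GNU coreutils stat (the -c format option); ACLs are ignored.
can_modify() {
    cm_uid=$1 cm_gids=$2 cm_path=$3
    cm_info=$(stat -c '%u %g %a' "$cm_path") || return 2
    set -- $cm_info                  # $1 owner uid, $2 owner gid, $3 octal mode
    cm_perm=$((0$3 & 0777))          # drop setuid/setgid/sticky bits

    if [ "$cm_uid" -eq 0 ]; then
        echo "$cm_path: uid 0 bypasses permission checks"
        return 0
    fi
    # The owner can always chmod the path back to writable, so the mode
    # bits (even 570) do not protect it from its own owner.
    if [ "$cm_uid" -eq "$1" ]; then
        echo "$cm_path: owned by uid $cm_uid, mode $3 can be changed by owner"
        return 0
    fi
    # Non-owners: group bits apply if the account is in the owning group,
    # otherwise the "other" bits apply.
    cm_bits=$((cm_perm & 7)) cm_class=other
    for cm_g in $cm_gids; do
        if [ "$cm_g" -eq "$2" ]; then
            cm_bits=$(((cm_perm >> 3) & 7)) cm_class=group
        fi
    done
    if [ $((cm_bits & 2)) -ne 0 ]; then
        echo "$cm_path: writable via $cm_class bits (mode $3)"
        return 0
    fi
    echo "$cm_path: not modifiable by uid $cm_uid (mode $3)"
    return 1
}

# Usage on the host from the post (wwwrun is the account shown in ps):
#   can_modify "$(id -u wwwrun)" "$(id -G wwwrun)" /etc/wwwoffle
```

With the layout proposed in the post (root ownership, group read access for wwwrun, no group write bit), the function returns 1 for wwwrun.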