Re: [suse-security] hardensuse <-> procmail -- (newaliases --->makemap) --

2 Jul 2000

      By the way:

the script : newaliases is just a small program, which executes makemap
(program, delivered by sendmail)
to generate hash encoded files. (faster access, since it consists of binary
info's).
You would use makemap also when modifying files in /etc/mail/.

the DIR /etc/mail includes a file aliases linked to /etc/aliases.

best regards

Shin Sterneck

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 6.5.2

mQGiBDi8fWcRBADzKFuwtQK3eRXWJXNyQKe2M14PFa4ehx4t8uVpT5zcfaPqsoXn
3Gnki25TjHqqvQbQ5+MdQlZTJPE43Zgz+wVIZeCNkYC1tX7HW1O+3RWHXIOENJYj
oREsoCu7ShEgkFbEJ2ytYuTyBOL0OlW7DbD/cc/4f5hGtXdsyecMyy/iUwCg/xbq
IGJ5yNzxDUB0Sl7Uy0qJ9VsD/2kTa1SlMdW3yp5K49B0nq0dzbSXuSyH2cGMX6yw
kOxWtgtDAsvjlqduTJ/DtnXqQW7mz+IXtAdgA+9/O3Ka4IFznMP6T+BhypIamwNi
cbL9jNHpEMccYqHcI11gM4bG+C22Zha8UWOfjWqXakX9DalU/CKchdJxgf8VKRHS
Lj8LA/9bFppzy3OgX0CmINRqFOR5mGDPRErt7HQYUf5A5zHQwBr3s1K73Z8i+A7I
+mH7/zKET91Cd364OB2H+NUNOuEOssQPFnRRqoBpcC8UDvlg8Nfac4h+tAvG2gsH
pPWNPryyop1oq/qfcri/gxbOA7KHvzfPvDb9GBNfakr0SwgaNLQkU2hpbiBTdGVy
bmVjayA8c3Rlcm5lY2tAanBuLnR1di5jb20+iQBOBBARAgAOBQI4vH1nBAsDAgEC
GQEACgkQeWXA+7soZM1JFgCgrSfY2yKTri1PbiWDUmV4koUOV4oAnRW9xvlfp0II
ncXxCyZ7B3eB2h4StCpTaGluIFN0ZXJuZWNrIDxzaGluc3Rlcm5lY2tAYWx0YXZp
c3RhLmNvbT6JAEsEEBECAAsFAji8ffYECwMCAQAKCRB5ZcD7uyhkzReeAKDdJgG+
D5tkxgKeN3JWeTAxygIQOQCeJ855nA/fkntmp9JVFkiVhd9Fa4i5BA0EOLx9aBAQ
APkYoH5aBmF6Q5CV3AVsh4bsYezNRR8O2OCjecbJ3HoLrOQ/40aUtjBKU9d8AhZI
gLUV5SmZqZ8HdNP/46HFliBOmGW42A3uEF2rthccUdhQyiJXQym+lehWKzh4XAvb
+ExN1eOqRsz7zhfoKp0UYeOEqU/Rg4Soebbvj6dDRgjGzB13VyQ4SuLE8OiOE2eX
TpITYfbb6yUOF/32mPfIfHmwch04dfv2wXPEgxEmK0Ngw+Po1gr9oSgmC66prrNl
D6IAUwGgfNaroxIe+g8qzh90hE/K8xfzpEDp19J3tkItAjbBJstoXp18mAkKjX4t
7eRdefXUkk+bGI78KqdLfDL2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoB
p1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnh
V5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr
5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4
XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zaf
q9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XrPdYXAAICEADHCTlUrYvXgyuB
yQ6+AqaS9zIoCIihfO9vLge2kh3Q7gAzBsPSEn7fps+VAztDHVumL5HCpOwa7hSB
FHnIGUQlFmX3FdUiJVdaO5HpEoFFrUcjwEwggPFyobzC/hg7LT4T0qLMx5ZWfVCF
H/XnYuZ1Q1fwdo2Dyn0d1F+UI1MpjsbSDg3WigJTcbJfKN5DiAfJIx5ofm3bXjk/
fEZZi2wy+TH4hFiTZPvgtjcl7X31AKl/AtJuUiNfQ9fqsr8D+Bf28l1oI0ycn+mS
7oxe4fm7bpZgn9LuUbtFDKk90/yG7JDEZ15Rz57LvTKp8Y9O8OvVbq8oCJGRWHwL
c0wEnuW9Aq+cmbF5xiMvfR1K/qqyne7ALFXglY4a3RZ6JYaBe4QJmPxU1zuUff6M
u3bWM+yL5Xd3iiqhacWXjCrSiMIPokLSN72+uJ+SrQHOhGWHSRRN56+Ml8COx9Ng
aKc4+maXDfE9hzFNTI/fLWWbETOAMjWN6yEsygHfMvnXMAyGziaAQQoTZaYJf6H7
VuXcOf3FfNtG+Xih4p/SDO2YvknDfLzxIkW+XK93t/Q1HF8TWJiR5wZ4h/388754
zw5D+ldcXWzobIKSHSdrtkmqTnCQYutNd7XeYPnhk7InY27VWh8PQkXl/Y8tEUAn
rA2CQ7xq5PgZ/sQwqL2dhRCGmHqseYkARgQYEQIABgUCOLx9aAAKCRB5ZcD7uyhk
zfVnAJ0VZcDuIxlvSfxLLAHon2oBngJTpgCbBm2/tv8h3xyZwc0Sd71N3NzadZg=
=zE7l
-----END PGP PUBLIC KEY BLOCK-----

                    Roman Drahtmueller                                                      
                    <draht@uni-freibur        To:     Walter Krohe <wk@u2me.de>             
                    g.de>                     cc:     suse-security@suse.com                
                    Sent by:                  Subject:     Re: [suse-security] hardensuse   
                    draht@biocip.uni-f        <-> procmail                                  
                    reiburg.de                                                              

                    07/01/2000 04:07                                                        
                    AM                                                                      
                    Please respond to                                                       
                    draht                                                                   

Dear Walter,
...
Hi !
Does the hardensuse script something wich make the mails in
/var/spool/mail set to chmod 600 ?
Sometimes I see in /var/log/warn:
procmail[20002]: Insufficient privileges to deliver to "root"
or similar.
chmod 660 "by hand" -> /var/log/mail:
procmail[22902]: Enforcing stricter permissions on
"/var/spool/mail/root"
Where can can I reset this behavior or is there a solution?
Thanks for assistance.
The most convenient and reasonable solution for this problem doesn't even
touch its origin.

Forward mail sent to root to a dedicated, unpriviliged account. Reading
mails as root is definitely not a bright idea. Use /etc/aliases near the
end of the file for this purpose, and don't forget newaliases. :-)

Thanks,
Roman.
--
 _                                                               _
| Roman Drahtmüller              "The best way to pay for a       |
  CC University of Freiburg       lovely moment is to enjoy it."
| email: draht@uni-freiburg.de    - Richard Bach                  |
 -                                                               -

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@suse.com
For additional commands, e-mail: suse-security-help@suse.com

Shin Sterneck/Jpn/TUV

tags

participants (1)