Bug 115903 - ipop3d complains about /var/spool/mail permissions
ipop3d complains about /var/spool/mail permissions
Status: CLOSED DUPLICATE of bug 103479
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: imap (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: John Dennis
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2004-02-16 17:52 EST by Anil Gangolli
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-02-21 14:01:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Anil Gangolli 2004-02-16 17:52:08 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET 
CLR 1.0.3705; .NET CLR 1.1.4322)

Description of problem:
See Bug 10678: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?
id=10678.  This looks like a regression.

I am seeing log messages of the form:

Feb 16 14:23:16 sycamore ipop3d[8976]: Mailbox vulnerable - 
directory /var/spool/mail must have 1777 protection

The /var/spool/mail directory has the permissions with which it was 
installed in ES 3.0 Update 1:

drwxrwxr-x    2 root     mail         4096 Feb 16 
14:21 /var/spool/mail

These permissions seem appropriate [See discussion in Bug 10678 as 
well], and the error messages should really be removed from ipop3d; 
if there is any way to disable them, please advise.  The pacakage is 
imap-2002d-2.rpm from the ES 3.0 Update 1 distribution.

I was not seeing these when running 7.2 (with all updates), which I 
was running until 2/15/04.

An additional nuisance is that these messages then trigger LogWatch 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install RedHat ES 3.0 Update 1
2. Set up sendmail (default).
3. Enable ipop3 service in xinetd
4. Send some mail to an account
5. Connect from any pop3 client 

Actual Results:  Spurious vulnerability warnings, but no functional 

Additional info:

This appears to be a regression of Bug 10678.
Comment 1 Mike A. Harris 2004-02-27 05:20:37 EST
Yep, it seems a patch must have gotten accidentally dropped
somewhere along the way that squelches that bogus error message.

*** This bug has been marked as a duplicate of 103479 ***
Comment 2 Red Hat Bugzilla 2006-02-21 14:01:20 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.