Red Hat Bugzilla – Bug 115903
ipop3d complains about /var/spool/mail permissions
Last modified: 2007-11-30 17:07:00 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET
CLR 1.0.3705; .NET CLR 1.1.4322)
Description of problem:
See Bug 10678: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?
id=10678. This looks like a regression.
I am seeing log messages of the form:
Feb 16 14:23:16 sycamore ipop3d: Mailbox vulnerable -
directory /var/spool/mail must have 1777 protection
The /var/spool/mail directory has the permissions with which it was
installed in ES 3.0 Update 1:
drwxrwxr-x 2 root mail 4096 Feb 16
These permissions seem appropriate [See discussion in Bug 10678 as
well], and the error messages should really be removed from ipop3d;
if there is any way to disable them, please advise. The pacakage is
imap-2002d-2.rpm from the ES 3.0 Update 1 distribution.
I was not seeing these when running 7.2 (with all updates), which I
was running until 2/15/04.
An additional nuisance is that these messages then trigger LogWatch
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install RedHat ES 3.0 Update 1
2. Set up sendmail (default).
3. Enable ipop3 service in xinetd
4. Send some mail to an account
5. Connect from any pop3 client
Actual Results: Spurious vulnerability warnings, but no functional
This appears to be a regression of Bug 10678.
Yep, it seems a patch must have gotten accidentally dropped
somewhere along the way that squelches that bogus error message.
*** This bug has been marked as a duplicate of 103479 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.