From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322) Description of problem: See Bug 10678: https://bugzilla.redhat.com/bugzilla/show_bug.cgi? id=10678. This looks like a regression. I am seeing log messages of the form: Feb 16 14:23:16 sycamore ipop3d[8976]: Mailbox vulnerable - directory /var/spool/mail must have 1777 protection The /var/spool/mail directory has the permissions with which it was installed in ES 3.0 Update 1: drwxrwxr-x 2 root mail 4096 Feb 16 14:21 /var/spool/mail These permissions seem appropriate [See discussion in Bug 10678 as well], and the error messages should really be removed from ipop3d; if there is any way to disable them, please advise. The pacakage is imap-2002d-2.rpm from the ES 3.0 Update 1 distribution. I was not seeing these when running 7.2 (with all updates), which I was running until 2/15/04. An additional nuisance is that these messages then trigger LogWatch alerts. Version-Release number of selected component (if applicable): imap-2002d-2 How reproducible: Always Steps to Reproduce: 1. Install RedHat ES 3.0 Update 1 2. Set up sendmail (default). 3. Enable ipop3 service in xinetd 4. Send some mail to an account 5. Connect from any pop3 client Actual Results: Spurious vulnerability warnings, but no functional problems Additional info: This appears to be a regression of Bug 10678.
Yep, it seems a patch must have gotten accidentally dropped somewhere along the way that squelches that bogus error message. *** This bug has been marked as a duplicate of 103479 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.