/var/spool/mail is properly g+w --- actually it should be 1777 'user' "mail" should probably have a 'home' directory below /var/spool/mail, to prevent these messages: Jun 18 20:11:01 localhost sendmail[3060]: alias database /etc/aliases autorebuilt by root Jun 18 20:11:01 localhost sendmail[3060]: /etc/aliases: 14 aliases, longest 10 bytes, 152 bytes total Jun 18 20:11:02 localhost sendmail[3060]: e5J0AxB03060: forward /var/spool/mail/.forward.build: Group writable directory Jun 18 20:11:02 localhost sendmail[3060]: e5J0AxB03060: forward /var/spool/mail/.forward: Group writable directory ------------------- [root@localhost /etc]# grep mail passwd mail:x:8:12:mail:/var/spool/mail: mailnull:x:47:47::/var/spool/mqueue:/dev/null [root@localhost /etc]# ------------------- I'd suggest that mail be given "/var/spool/mail/home" with ownership mail.mail and permissions 700, so that it may safely rebuild the aliases file without the exposure to a race exploit. This may more properly affect 'filesystem' as well -- If so, perhaps we should open a cross-reference bug there, too. Another approach would be to all a blanket forward in /etc/aliases so that all mail to 'mail' is sent to root. But then, too, root's mail should also be sent to an end user account for security's sake. I'll submit that as an enhancement request.
sendmail-8.10.1-9 doesnt generate the permissions error anymore. The rest may still stand as feature requests. Henri J. Schlereth
Alan Cox has dedclined the 1777 on testers list -- the rest are not active -- close by initial requester