Red Hat Bugzilla – Bug 3937
User Private Groups and procmail security conflict.
Last modified: 2008-05-01 11:37:51 EDT
Have just upgraded to RedHat 6.0 from RedHat 5.2 and
procmail processing has stopped working.
The security improvements in procmail stop $HOME/.procmailrc
files being read from group writable directories
However, out-of-the box, RedHat has User Private Groups and
a umask of 002. Procmail complains, and won't read the
.procmailrc file, resulting in no processing. UPG is secure
(ish), but procmail can't distinguish between a secure setup
with group writable dirs and an insecure one.
See related problem with sendmail. I'll be happy to continue
discussion of this problem by e-mail.
Fixed in procmail-3.13.1-4 and later ; available in rawhide. Will be
integrated in the next release