Re: crontab reports: ....
*- On 9 Oct, Ben Collins wrote about "Re: crontab reports: ...."
> On Sat, Oct 09, 1999 at 11:54:41AM -0500, Dave Baker wrote:
>> > > /etc/cron.daily/suidmanager:
>> > > /usr/sbin/sendmail PERMISSION MISMATCH: was root.root 777 changed to root.root
>> > 4755
>> > >
>> >
>> > this may sound stupid... but was does this error message means?
>> >
>>
>> This means that suidmanager found a problem with the sendmail executable
>> and fixed it.
>>
>> Having permissions of 777 means that ANYONE can read/write/execute the
>> program. The problem is in the WRITE portion - anyone with access to your
>> host can replace (or perhaps already has?) sendmail with their own
>> version.
>
> I'm sure that /usr/sbin/sendmail is a symlink to the real MTA, which is why
> it keeps showing up (the symlink always has mode 777). This could be
> considered a bug in suidmanager. IMO, the package should add the correct
> file to suidmanager rather than setting the symlink (since the symlink might
> point to another file altogether if the admin set's it up that way).
>
Or sendmail(the package) was orginally installed and when it was
replaced with another MTA like exim the sendmail.postrm script did not
call suidunregister to remove the sendmail line from /etc/suid.conf.
Thus a bug in sendmail.
For exim, the following was added to my /etc/suid.conf with
suidregister:
exim /usr/sbin/exim root root 4755
and sendmail is a link to exim.
I have never had the sendmail package installed so I can't say for sure
if this is the case. Just another scenario.
--
Brian Servis
--
------------------------------------------------------------------------
Mechanical Engineering | Never criticize anybody until you
Purdue University | have walked a mile in their shoes,
servis@purdue.edu | because by that time you will be a
http://www.ecn.purdue.edu/~servis | mile away and have their shoes.
Reply to: