severity 557948 serious thanks Le jeudi 26 novembre 2009 04:30:23 Aníbal Monsalve Salazar, vous avez écrit : > On Wed, Nov 25, 2009 at 02:07:41PM +0100, Sven wrote: > >2.64-1 stopped working here while telneting to the mailhub still > >works as does downgrading to 2.63-1.1. > > > >Error message is alway the following: > >s...@marvin:~$ echo foo|mail -s bar s...@timegate.de > >send-mail: Cannot open mailhub:25 > > Please read bug report #500454: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500454 > > To fix your problem, add the username you're using to run ssmtp to the > mail group list in /etc/groups. Something like: > > grep mail /etc/group > mail:x:8:sven
The mail group has read/write access to /var/mail/* and is intended for the mail daemons. For instance, Dovecot IMAP runs as the dovecot user ID, with mail group permission. Adding all users to the mail group is not just impractical, it is a worse security vulnerability than #500454. All users would be able to read and modify other's mailboxes. That is not to deny that #500454 is a security problem. But putting users in the mail group is not at all a solution. -- Rémi Denis-Courmont http://www.remlab.net/ http://fi.linkedin.com/in/remidenis -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
