Hi, Zi Loff wrote on Thu, Apr 12, 2012 at 10:43:32AM +0100:
> security(8) complains about the permissions of my postfix's virtual > hosts maildir, I assume because of the directory mode bit. I once found > a patch to /usr/libexec/security that fixed it, but I can't seem to find > it anywhere now. > > IIRC, it was a small fix to > > nag S_IMODE($mode) != (S_IRUSR | S_IWUSR), > > but I lack the skills to fix it myself. Can anyone give me a hand? It's > not that important, really, I'm just trying to avoid all the "daily > insecurity outputs" I get stating nothing but this "problem"... It is hard to guess what you need from the scarce information you provide. Can you show the output of # ls -al /var/mail on the machine in question, and the exact messages you see in your daily security emails? Then again, if that directory contains anything else except one mailbox per user, i'm not sure it's wise to put that data in /var/mail, that might confuse more than one program. In case you insist to keep non-standard data in /var/mail, the easiest way to get rid of the warnings probably is to comment the two lines $check_title = "Checking mailbox ownership."; check_mailboxes; in /usr/libexec/security; but note that you have to do that again each time you update the operating system, so moving your data somewhere else may be easier. Right now, i don't see how i could improve the official security(8) script in this respect. Yours, Ingo
