Package: s-nail
Version: 14.8.5-4
Followup-For: Bug #806858
Dear Maintainer,
So what, exactly, are the correct permissions for s-nail-privsep?
Should it be:
-rwxr-sr-x 1 root mail 10104 Dec 4 14:52 /usr/lib/s-nail/s-nail-privsep
or:
-rwsr-xr-x 1 root mail 10104 Dec 4 14:52
Hallo Steffen,
thank you very much for the detailed explanation of your security
considerations. The concept looks sound for me.
And I keep /usr/lib/s-nail/s-nail-privsep SETUID root.
And for your next e-mail:
My fault. I searched the man-page for "dotlock" but overlooked the "a"-example.
The
Hallo und guten Morgen!
Jörg-Volker Peetz wrote:
|thank you very much for the detailed explanation of your security
|considerations. The concept looks sound for me.
Yes – i think it really is.
|And I keep /usr/lib/s-nail/s-nail-privsep SETUID root.
Huh. No chance against
i wrote:
|Hello, i'm the codebase maintainer of S-nail,
|
|Jörg-Volker Peetz wrote:
||Package: s-nail
||Version: 14.8.5-3
|
||trying to read local mails in /var/mail with mailx fails with output as
||follows:
||
||Creating dotlock for "/var/mail/" .
||Unable to
Dear Steffen,
please see comments below.
Steffen Nurpmeso wrote on 12/02/2015 12:22:
> Hello, i'm the codebase maintainer of S-nail,
>
>
> S-nail ships with a special, privilege-separated program that must
> be installed SETUID root; it seems Debian installs this program as
>
Hallo Jörg-Volker,
Jörg-Volker Peetz wrote:
|Steffen Nurpmeso wrote on 12/02/2015 12:22:
|> S-nail ships with a special, privilege-separated program that must
|> be installed SETUID root; it seems Debian installs this program as
|> "/usr/lib/s-nail/s-nail-privsep". Doing "$
Package: s-nail
Version: 14.8.5-3
Severity: normal
Dear Maintainer,
trying to read local mails in /var/mail with mailx fails with output as
follows:
Creating dotlock for "/var/mail/" .
Unable to (dot) lock mailbox, aborting operation: Permission denied
Creating dotlock for "/var/mail/"
Hello, i'm the codebase maintainer of S-nail,
Jörg-Volker Peetz wrote:
|Package: s-nail
|Version: 14.8.5-3
|trying to read local mails in /var/mail with mailx fails with output as
|follows:
|
|Creating dotlock for "/var/mail/" .
|Unable to (dot) lock mailbox, aborting
Jörg-Volker Peetz wrote:
|May I ask where s-nail tries to write the "dotfile"?
|As far as I remember, mailx didn't need the sticky root bit before.
I forgot to say that i really put some effort into the manual (and
it will be even better in v14.9).
So the answer for this can
9 matches
Mail list logo