*** This bug is a duplicate of bug 102947 *** https://bugs.launchpad.net/bugs/102947
Public bug reported: Binary package hint: courier-authlib The /etc/init.d/courier-authdaemon creates $RUNDIR with improper permissions, namely, 0750, rather than world-readable. The problem is that if Postfix is configured to execute maildrop from mailbox_command (as suggested in the Postfix HOWTOs), there is a *silent* *unlogged* failure of maildrop to connect to the authdaemon. Since maildrop is designed to run without authdaemon, this causes usual mail filter rules (for instance, in /etc/maildroprc) to not apply, bypassing possible restrictions configured there. It is unclear whether to see this as security vulnerability. Please change the init script to mkdir the relevant directory with mode 0755, and make sure that existing directories are checked and the admin gets warned if it's at 0750. Arguably this could be seen as a maildrop bug which should exit with EX_TEMPFAIL if it cannot connect to the authdaemon, but see above for the note about standalone use. ProblemType: Bug DistroRelease: Ubuntu 10.04 Package: courier-authdaemon 0.62.4-1 ProcVersionSignature: Ubuntu 2.6.32-31.61-generic-pae 2.6.32.32+drm33.14 Uname: Linux 2.6.32-31-generic-pae i686 Architecture: i386 Date: Wed May 4 14:08:58 2011 ProcEnviron: LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: courier-authlib ** Affects: courier-authlib (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 lucid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/777060 Title: /etc/init.d/courier-authdaemon creates $RUNDIR with improper permissions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs