mqueue file permissions

Rose, Bobby brose at MED.WAYNE.EDU
Wed Jan 29 21:37:37 GMT 2003 

Adding umask above didn't fix.  I checked the change log on SA and the
only entry that mentions umask is 

2003-01-19 04:25  felicity

        * lib/Mail/SpamAssassin/: BayesStore.pm, Conf.pm,
        DBBasedAddrList.pm, NoMailAudit.pm, PerMsgStatus.pm, Util.pm:
Put
        umask around any open or tie commands.  This will 1) let the
*_mode
        options work as expected, and 2) keep some of our temp files
more
        secure.

If I grep thru all the pm files I see some umasks set to 0 and some 077.
The 077's are in their BayeStore.pm, NoMailAudit.pm and a UnixLocker.pm


So it looks like they are changing it.  What a pain!

-----Original Message-----
From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK] 
Sent: Wednesday, January 29, 2003 3:46 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: mqueue file permissions


At 20:41 29/01/2003, you wrote:
>Weird... I just started having the exact same problem today at 12:50pm 
>EST.  Only change made was updating SA to the latest CVS of 2.50.  Last

>update was about 4 weeks ago.

Fancy checking there are no "umask" calls in the SA code that weren't
there before? The actual spam checking is done in a forked process, so
umask calls in there won't have any effect. But if they have umask calls
in places they shouldn't, it might be possible that they execute one in
the main MS thread. If that is the case, I'm going to have to move the
umask call again.

Is my suggested earlier change working okay? (Adding "umask 0077;" near
the top of WorkForHours() in the main /usr/sbin/MailScanner script).

>-----Original Message-----
>From: Brian Peterson [mailto:brian at KAOSTECH.COM]
>Sent: Wednesday, January 29, 2003 12:46 PM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: mqueue file permissions
>
>
>I've been seeing problems with the mqueue qf file modes when 
>SpamAssassin is enabled, I've used both SpamAssassin 2.43 and 2.50.  
>The qf files are being delivered to the mqueue directory mode 664 
>instead of 600 which sendmail then complains about bogus uid even 
>though it's the permission.  Has anyone seen this before?
>
>Jan 29 09:34:34 alpha sendmail[7657]: h0THY4D07651: bogus queue file, 
>uid=0, mode=100664 Jan 29 09:34:34 alpha sendmail[7657]: h0THY4D07651: 
>Losing ./qfh0THY4D07651: bogus file uid in mqueue
>
>-rw-------    1 root     root            7 Jan 29 09:34 dfh0THY4D07651
>-rw-rw-r--    1 root     root          894 Jan 29 09:34 Qfh0THY4D07651
>
>
>
>Brian Peterson
>mailto:kaos at kaostech.com

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list