/var/dcc/map is not private

Chris cpollock@embarqmail.com
Sun, 27 Jan 2008 10:06:38 -0600 

--nextPart2303122.G5yE5Uq94h
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

I've messed up permissions somehow on the above file I think.

drwxr-xr-x  3 root root  4096 Jan 26 16:45 build/
drwxr-xr-x  2 root bin   4096 Jan 26 16:46 cgi-bin/
=2Drwxrwxr--  1 root root  4441 Jul  6  2007 dcc_conf*
=2Drwxrwxr--  1 root root  4972 Jan 26 16:46 dcc_conf-new*
=2Drw-r--r--  1 root bin    825 Dec 26  2004 flod
=2Drw-r--r--  1 root bin    561 Dec 26  2004 grey_flod
=2Drw-r--r--  1 root bin    496 Dec 26  2004 grey_whitelist
=2Drw-------  1 root root  2549 Dec 26  2004 ids
drwxr-xr-x  2 bin  bin   4096 Jan 26 16:46 libexec/
drwxr-xr-x  2 root bin   4096 Dec 26  2004 log/
=2Drw-rw----  1 root root  7564 Jan 25 15:56 map
=2Drw-------  1 root root  2565 Jul  7  2007 map.txt
=2Drw-r--r--  1 root root  2565 Jul  7  2007 map.txt~
=2Drw-r--r--  1 root bin   3096 Dec 26  2004 whiteclnt
=2Drw-r--r--  1 root bin  12099 Dec 26  2004 whitecommon
=2Drw-r--r--  1 root bin    482 Dec 26  2004 whitelist

I keep seeing this in my hourly syslog output:

Jan 27 08:29:09 localhost dccproc[19405]: /var/dcc/map is not private

The next line in the log warns me about the DCC plug-in for Spamassassin:

Jan 27 08:29:09 localhost spamd[21849]: Use of uninitialized value in strin=
g=20
at /etc/mail/spamassassin/DCC.pm line 417.

That line is below:

$permsgstatus->test_log("$permsgstatus->{dcc_header_result}");

I noticed that since whatever I did no DCC checks have apparently been made=
 of=20
the database since whats below is what all spam shows now for dcc checks:

Not listed in DCC
[]

I'm also seening this now in my 4:00am check:

Jan 26 04:04:37 localhost : Security Warning: Change in Suid Root files=20
found :
Jan 26 04:04:37 localhost : - No longer present suid root=20
file : /usr/local/bin/cdcc
Jan 26 04:04:37 localhost : - No longer present suid root=20
file : /usr/local/bin/dccproc

I see that somehow I changed the permissions to this:

=2Dr-sr-xr-x  1 root   bin     161288 Jan 26 16:46 cdcc*
=2Dr-sr-xr-x  1 root   bin     471136 Jan 26 16:46 dccproc*

I've changed them back to what it looks like everything else is:

=2Drwxr-xr-x  1 root   bin     161288 Jan 26 16:46 cdcc*
=2Drwxr-xr-x  1 root   bin     471136 Jan 26 16:46 dccproc*

This will teach me to screw with things when I have the flu and can't read=
=20
apparently can't read the output of my syslog snips correctly. Thanks for a=
ny=20
assistance.=20

Chris

=2D-=20
Chris
KeyID 0xE372A7DA98E6705C

--nextPart2303122.G5yE5Uq94h
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQBHnKwc43Kn2pjmcFwRAjRtAJ9tYCm85docjvAgbyQoWePkSUWnmgCeMU6w
5sVl7LbthvkNzzegTRwL5NA=
=8CxE
-----END PGP SIGNATURE-----

--nextPart2303122.G5yE5Uq94h--