/var/dcc/map is not private

Chris cpollock@embarqmail.com
Sun Jan 27 18:03:47 UTC 2008


On Sunday 27 January 2008 10:41 am, Vernon Schryver wrote:

>
> mail to this mailing list encrypted as quoted-printable, HTML, etc.
> has to wait until I manually check it.
>
I'll remember that Vernon and not sign my messages anymore, thanks.

> cdcc and dccproc are set-UID so that they can read the private
> file /var/dcc/map
>
> Assuming you have made no DCC configuration changes except with
> ./configure, in your position I would delete everything except
> /var/dcc/libexec/updatedcc and then run that shell script.  It should
> fetch, ./configure, compile, install, and restart the code including
> building a new /var/dcc/map file.
>
> updatedcc is modified by the previous ./configure cycle to contain those
> ./configure parameters.
>
I've done what you suggested, permissions look like this now:

drwxrwxr-x  3 root root 4096 Jan 27 11:43 build/
drwxrwxr-x  2 root bin  4096 Jan 27 11:44 cgi-bin/
-rw-r--r--  1 root root 4972 Jan 27 11:44 dcc_conf
-rw-r--r--  1 root bin   796 Jan 27 11:44 flod
-rw-r--r--  1 root bin   426 Jan 27 11:44 grey_flod
-rw-r--r--  1 root bin   496 Jan 27 11:44 grey_whitelist
-rw-------  1 root root 2431 Jan 27 11:44 ids
drwxr-xr-x  2 bin  bin  4096 Jan 27 11:44 libexec/
drwxrwxr-x  2 root root 4096 Jan 27 11:27 log/
-rw-------  1 root root 7564 Jan 27 11:44 map
-rw-------  1 root root  359 Jan 27 11:44 map.txt
-rw-r--r--  1 root bin  3927 Jan 27 11:44 whiteclnt
-rw-r--r--  1 root bin  1668 Jan 27 11:44 whitecommon
-rw-r--r--  1 root bin   864 Jan 27 11:44 whitelist

-r-sr-xr-x  1 root   bin     471136 Jan 27 11:44 dccproc*
-r-sr-xr-x  1 root   bin     161288 Jan 27 11:44 cdcc*

Hopefully this will fix my screwups. I'm pretty sure whatever I did was 
affecting the SA plug-in also. I'll have to check next hours log snip and see 
if it did and let you know. 

Thanks for your help Vernon, appreciate it.

Chris

-- 
Chris
KeyID 0xE372A7DA98E6705C



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.