From e1d379eb59df0c6835ed1cbc94db816638cbc4c5 Mon Sep 17 00:00:00 2001 From: gshapiro Date: Fri, 24 May 2002 01:44:53 +0000 Subject: [PATCH] Change the default permissions for the sendmail statistics file to 0640 instead of 0644 to help protect users against a file locking local denial of service. MFC after: 1 day pending RE approval --- etc/newsyslog.conf | 2 +- etc/sendmail/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/newsyslog.conf b/etc/newsyslog.conf index 78605f74ebad..01893d7ffcf9 100644 --- a/etc/newsyslog.conf +++ b/etc/newsyslog.conf @@ -14,7 +14,7 @@ /var/log/kerberos.log 600 7 100 * Z /var/log/lpd-errs 644 7 100 * Z /var/log/maillog 640 7 * @T00 Z -/var/log/sendmail.st 644 10 * 168 B +/var/log/sendmail.st 640 10 * 168 B /var/log/messages 644 5 100 * Z /var/log/all.log 600 7 * @T00 Z /var/log/slip.log root:network 640 3 100 * Z diff --git a/etc/sendmail/Makefile b/etc/sendmail/Makefile index 5162498ba6ab..394d7b1498ca 100644 --- a/etc/sendmail/Makefile +++ b/etc/sendmail/Makefile @@ -133,7 +133,7 @@ distribution: freebsd.cf freebsd.mc ${INSTALL_CF} ${INSTALL_SUBMIT_CF} .endif ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 444 ${SMDIR}/helpfile \ ${DESTDIR}/etc/mail/helpfile - ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 644 /dev/null \ + ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 640 /dev/null \ ${DESTDIR}/var/log/sendmail.st .include