[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] unable to read configuration file

To: leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [leafnode-list] unable to read configuration file
From: Matthias Andree <ma@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: by mail-ob (mbox f11350)(with Cubic Circle's cucipop (v1.31 1998/05/13) Tue Nov 27 18:09:18 2001)

"Thomas D. Kryger" <thomas@xxxxxxxxxxx> writes:

> Just found the error myself. The owner/group on the config-file was not
> news, but root. Changing it to news.news fixed the problem

Better make it root.news and mode 0440 or 0640 so that it cannot be
overwritten should an exploit against leafnode be found in the
future. leafnode drops privileges to user "news" early, so that's one
more barrier there is to add.

-- 
Matthias Andree

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."         Benjamin Franklin

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list

References:
- RE: [leafnode-list] unable to read configuration file
  - From: Thomas D. Kryger

Prev by Date: RE: [leafnode-list] unable to read configuration file
Next by Date: Re: [leafnode-list] Generating Message-IDs
Previous by thread: RE: [leafnode-list] unable to read configuration file
Next by thread: [leafnode-list] Trouble installing leafnode (rpm)
Index(es):
- Date
- Thread