From owner-cvs-all  Sat Sep  8  3:48:55 2001
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 58ECB37B405; Sat,  8 Sep 2001 03:48:50 -0700 (PDT)
Received: (from roam@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f88AmoE46215;
	Sat, 8 Sep 2001 03:48:50 -0700 (PDT)
	(envelope-from roam)
Message-Id: <200109081048.f88AmoE46215@freefall.freebsd.org>
From: Peter Pentchev <roam@FreeBSD.org>
Date: Sat, 8 Sep 2001 03:48:49 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: ports/mail/vpopmail Makefile
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

roam        2001/09/08 03:48:49 PDT

  Modified files:
    mail/vpopmail        Makefile 
  Log:
  Turn off world-readability on the directories holding the executable
  binaries and libraries of vpopmail.  This prevents arbitrary users
  from obtaining the username and password for access to the MySQL database,
  which are present in plaintext in the vpopmail object files and binaries.
  
  Obtained from:	Bugtraq
  
  Revision  Changes    Path
  1.12      +4 -1      ports/mail/vpopmail/Makefile


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message