[PATCH 05/20] DMA: do not ship a binary for creating mail boxes

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

From: "Peter Müller" <peter.mueller@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 05/20] DMA: do not ship a binary for creating mail boxes
Date: Mon, 17 May 2021 21:02:36 +0200	[thread overview]
Message-ID: <2fb1ab47-34a4-f58d-93a8-3e2f79f122ff@ipfire.org> (raw)
In-Reply-To: <6a4b79d4-6fdd-612f-36d4-e7614f1164be@ipfire.org>

[-- Attachment #1: Type: text/plain, Size: 691 bytes --]

This is only needed in case of bounces generated by locally emitted
messages. We neither store these, nor do we create mail boxes on a
firewall. Safe to drop.

Cc: Michael Tremer <michael.tremer(a)ipfire.org>
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
---
 config/rootfiles/common/dma | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/rootfiles/common/dma b/config/rootfiles/common/dma
index e98e67415..79cad8ece 100644
--- a/config/rootfiles/common/dma
+++ b/config/rootfiles/common/dma
@@ -1,5 +1,5 @@
 etc/alternatives/sendmail
-usr/lib/dma-mbox-create
+#usr/lib/dma-mbox-create
 usr/sbin/dma
 usr/sbin/dma-cleanup-spool
 usr/sbin/mailq
-- 
2.26.2

next prev parent reply	other threads:[~2021-05-17 19:02 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-17 19:00 [PATCH 00/20] Prevent "nobody" from escalating privileges by using writeable binaries as a vehicle Peter Müller
2021-05-17 19:00 ` [PATCH 01/20] GnuPG does not need to have a SUID bit set Peter Müller
2021-05-17 19:01   ` [PATCH 02/20] Core Update 157: remove SUID bit from /usr/bin/gpg Peter Müller
2021-05-17 19:01     ` [PATCH 03/20] /usr/bin/ping does not need a SUID bit if appropriate capabilities are set Peter Müller
2021-05-17 19:02       ` [PATCH 04/20] Core Update 157: Delete ssh-keysign binary Peter Müller
2021-05-17 19:02         ` Peter Müller [this message]
2021-05-17 19:02           ` [PATCH 06/20] Core Update 157: Delete orphaned DMA mail box creation binary as well Peter Müller
2021-05-17 19:03             ` [PATCH 07/20] Core Update 157: /var/ipfire/fwhosts/icmp-types does not have to be executable Peter Müller
2021-05-17 19:03               ` [PATCH 08/20] Core Update 157: Ship changed iputils due to /usr/bin/ping changes Peter Müller
2021-05-17 19:04                 ` [PATCH 09/20] backup: prevent /var/ipfire/backup/bin/backup.pl from being owned by nobody Peter Müller
2021-05-17 19:04                   ` [PATCH 10/20] SquidGuard: Prevent binaries within /var/ipfire/urlfilter/bin/ " Peter Müller
2021-05-17 19:04                     ` [PATCH 11/20] Core Update 157: Apply changed permissions to /var/ipfire/urlfilter/bin/ Peter Müller
2021-05-17 19:05                       ` [PATCH 12/20] Squid: Prevent binaries within /var/ipfire/updatexlrator/bin/ from being owned by nobody Peter Müller
2021-05-17 19:05                         ` [PATCH 13/20] Core Update 157: Apply changed permissions to /var/ipfire/updatexlrator/bin/ Peter Müller
2021-05-17 19:05                           ` [PATCH 14/20] OpenVPN: ovpn-leases.db for sure does not have to be executable Peter Müller
2021-05-17 19:06                             ` [PATCH 15/20] Core Update 157: Apply changed permissions to /var/ipfire/ovpn/ovpn-leases.db Peter Müller
2021-05-17 19:06                               ` [PATCH 16/20] Core Update 157: Remove executable bit less ugly Peter Müller
2021-05-17 19:06                                 ` [PATCH 17/20] NRPE: Prevent NRPE binary from being owned by "nobody" Peter Müller
2021-05-17 19:07                                   ` [PATCH 18/20] nagios-plugins: Prevent Nagios plugins from being owned by nobody Peter Müller
2021-05-17 19:07                                     ` [PATCH 19/20] Squid: cachemgr.cgi does not have to be owned (hence writeable) " Peter Müller
2021-05-17 19:07                                       ` [PATCH 20/20] Core Update 157: Apply changed permissions to /srv/web/ipfire/cgi-bin/cachemgr.cgi Peter Müller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2fb1ab47-34a4-f58d-93a8-3e2f79f122ff@ipfire.org \
    --to=peter.mueller@ipfire.org \
    --cc=development@lists.ipfire.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox