Addition/Protect.Configure.Files
From iRedMail
(Difference between revisions)
| Line 8: | Line 8: | ||
* On RHEL/CentOS: | * On RHEL/CentOS: | ||
{{cmd|<pre> | {{cmd|<pre> | ||
| - | # chmod 0500 | + | # chmod 0500 /etc/dovecot-ldap.conf /etc/dovecot-mysql.conf # Dovecot |
# chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix | # chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix | ||
# chmod 0600 /etc/httpd/conf.d/awstats.conf # Awstats | # chmod 0600 /etc/httpd/conf.d/awstats.conf # Awstats | ||
| Line 15: | Line 15: | ||
* On Debian/Ubuntu: | * On Debian/Ubuntu: | ||
{{cmd|<pre> | {{cmd|<pre> | ||
| - | # chmod 0500 | + | # chmod 0500 /etc/dovecot/dovecot-ldap.conf /etc/dovecot/dovecot-mysql.conf # Dovecot |
# chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix | # chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix | ||
# chmod 0600 /etc/apache2/conf.d/awstats.conf # Awstats | # chmod 0600 /etc/apache2/conf.d/awstats.conf # Awstats | ||
| Line 22: | Line 22: | ||
* On FreeBSD: | * On FreeBSD: | ||
{{cmd|<pre> | {{cmd|<pre> | ||
| - | # chmod 0500 | + | # chmod 0500 /etc/dovecot-ldap.conf /etc/dovecot-mysql.conf # Dovecot |
# chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix | # chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix | ||
# chmod 0600 /usr/local/etc/apache22/Includes/awstats.conf # Awstats | # chmod 0600 /usr/local/etc/apache22/Includes/awstats.conf # Awstats | ||
</pre>}} | </pre>}} | ||
Revision as of 08:43, 25 July 2010
iRedMail-0.6.0 and earlier versions didn't set strict file permission on config files, even they contain username/passwords. Below's a quick fix, if you found that we missed some other files, please contact us.
Note:
- iRedAPD-1.3.3 is set to run as a low privilege user, if you didn't upgrade it, please reinstall it with iRedAPD install tutorial.
- iRedAdmin is set to run as a low privilege user, if you didn't apply this, please read this simple tutorial: Secure your exist iRedAdmin.
Steps:
- On RHEL/CentOS:
| Terminal: |
# chmod 0500 /etc/dovecot-ldap.conf /etc/dovecot-mysql.conf # Dovecot # chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix # chmod 0600 /etc/httpd/conf.d/awstats.conf # Awstats |
- On Debian/Ubuntu:
| Terminal: |
# chmod 0500 /etc/dovecot/dovecot-ldap.conf /etc/dovecot/dovecot-mysql.conf # Dovecot # chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix # chmod 0600 /etc/apache2/conf.d/awstats.conf # Awstats |
- On FreeBSD:
| Terminal: |
# chmod 0500 /etc/dovecot-ldap.conf /etc/dovecot-mysql.conf # Dovecot # chmod 0640 /etc/postfix/ldap_*.cf /etc/postfix/mysql_*cf # Postfix # chmod 0600 /usr/local/etc/apache22/Includes/awstats.conf # Awstats |
