Hi list,

otrs.SetPermissions.pl doesn't set the proper access mode to $DestDir when using .procmailrc and not using the --secure switch.

In this case, $DestDir is made group-writeable whereas, according to procmail's man page, it shouldn't.

The offending line in otrs.SetPermissions.pl is the following, but I don't know how to correctly fix it:

# set permissions
print "Setting permissions on $DestDir\n";
if ($Secure) {

    # In secure mode, make files read-only by default
    File::Find::find(
        { wanted => \&MakeReadOnly, no_chdir => 1 },
        $DestDir . "/"
    );    # append / to follow symlinks

    # Also change the toplevel directory/symlink itself
    MakeReadOnly($DestDir);
}
else {

    # set all files writeable for webserver user (needed for package manager)
    File::Find::find(
        { wanted => \&MakeWritable, no_chdir => 1 },
        $DestDir . "/"
    );    # append / to follow symlinks

    # Also change the toplevel directory/symlink itself

>>>>>>>>>
>>>>>>>>>    MakeWritable($DestDir);
>>>>>>>>>

    # set the $HOME to the OTRS user
    if ( !$NotRoot ) {
        SafeChown( $OtrsUserID, $OtrsGroupID, $DestDir );
    }
}

Best regards,

Cyrille