Re: Re: [SLUG] attacked!

From: Daniel Jarboe (daniel.jarboe@gmail.com)
Date: Fri Jun 16 2006 - 13:58:58 EDT


> if [ "X$local_maps" = "X${local_maps#*proxy:unix:passwd.byname}" ]; then
>     sed 's/^\([^:]*\):[^:]*/\1:x/' /etc/passwd > etc/passwd
>     chmod a+r etc/passwd
> fi

I think this has something to do with postfix creating a local copy of
/etc/passwd for itself in certain configurations. Its working
directory at this point in the init script isn't likely to be /. It's
more likely to be /var/spool/postfix/ or similar.

Again, the fact that you had postfix listening on an external
interface (and presumably not firewalled) is pointing to postfix
misconfiguration (open relay) rather than some more
sinister/interesting attack vector.

~ Daniel
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
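
An added example, not part of the original message or of any init script: it runs the quoted test and sed expression against constructed passwd lines in a scratch directory, showing that the relative `etc/passwd` lands under the current working directory and that the second field of every line is replaced with `x`. The function names, the sample `local_maps` values and the sample passwd lines are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample data only; nothing here reads or writes the real /etc/passwd.

# Succeeds when $1 does NOT contain "proxy:unix:passwd.byname".
# "${v#*pattern}" strips the shortest prefix ending in the pattern, so the
# value compares equal to itself only when the pattern is absent.
needs_local_copy() {
    local_maps=$1
    [ "X$local_maps" = "X${local_maps#*proxy:unix:passwd.byname}" ]
}

# Same sed expression as the quoted script, reading from a given file:
# keep the login name, replace the second field with "x".
mask_passwd() {
    sed 's/^\([^:]*\):[^:]*/\1:x/' "$1"
}

# Run the quoted logic in a scratch directory standing in for the
# script's working directory (hypothetical layout).
demo() {
    work=$(mktemp -d) || return 1
    printf '%s\n' \
        'root:$1$constructed$hash:0:0:root:/root:/bin/bash' \
        'postfix:x:51:51:Postfix:/var/spool/postfix:/bin/false' > "$work/passwd.src"
    mkdir "$work/etc"
    (
        cd "$work" || exit 1
        if needs_local_copy 'unix:passwd.byname $alias_maps'; then
            mask_passwd passwd.src > etc/passwd   # relative path, as in the script
            chmod a+r etc/passwd
        fi
    )
    cat "$work/etc/passwd"
    rm -rf "$work"
}

demo
```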


