In poking around my logfiles to find some information to help diagnose another issue I am having, I came across this entry in /var/log/mail.log
Mar 25 07:08:30 box opendkim[1052]: domain.com: key data is not secure: /home/user-data is writeable and owned by uid 1004 which is not the executing uid (114) or the superuser
What are the security implications of this log entry and what steps need to be taken to address it?
Thanks!
Who on your server has uid 114 (root being 0 I belive) 114 might be your user id (Assuming it is alento) check if you user OWNS the dir:
ls -la /home and see EG: drwxr-xr-x 2 owneruser ownergroup 4096 Mar 3 08:26 user-data
(Note: the permissions listed for my folder will be different than yours because I have a heavily modified system, however the same basic principle applies: If you own the folder /home/user-data AND your user id is 114 (very likely) then realistically there are no security implications per-se, so long as your user id itself is secure.)
Hmmm, I should have looked at the uid’s … 114 is opendkim and 1004 is user-data. So I guess nothing to see here!
Thanks!
I think it would be nice if it’s possible to look into why we’re getting this in the logs though and see if there is any way of stopping the warning.
If the data was only readable by opendkim that would be possible, however since the data needs to be readable by both your user (not specifically YOU) as well as opendkim (Why the error is happening).
You would have to modify and compile from source to surpress the error.