Re: export/email and weird permission

tonysar · ‎01-05-2018

Hello

I just notice this /var/export/email folder in version 2.2.2 and very odd permission setting for it

owner had no Read , but had Wright , Execute. and user had "T" as a last bit of permission .

I assume this is compromised site as of now. but i like to know if this folders are normal folders within magento .

Thanks

Tom Robertshaw · ‎01-06-2018

Here's a guide on what permissions should be set in Magento http://devdocs.magento.com/guides/v2.0/config-guide/prod/prod_file-sys-perms.html.

This alone is unlikely to indicate the server is compromised. It could just be a misconfiguration.

----
If you've found one of my answers useful, please give "Kudos" or "Accept as Solution" as appropriate. Thanks!

dunarri · ‎02-10-2018

I've noticed this too, so I doubt both our sites are compromised in the same way. I believe it is a bug in Magento 2.2.2 where it creates this directory.

Volvox · ‎04-04-2018

Magento 2.2 and somehow this folder appear twice already (and messed with our releaser :/ ). This happend on test server so it's unlikely this was caused by attack by third party.

d-wxr-sr-T 3 user group 4096 Apr  1 02:00 export

khowlett2 · ‎10-03-2018

Were you using the dotmailer extension for Magento 2? If so then this may not be related to a compromise but with a possible reported issue with that extension: https://github.com/dotmailer/dotmailer-magento2-extension/issues/515