Date:      Tue, 04 Jan 2000 03:20:29 +0800
From:      Peter Wemm <peter@netplex.com.au>
To:        Ole Pahl <op@pahl.net>
Cc:        Przemyslaw Frasunek <venglin@FreeBSD.lublin.pl>, freebsd-bugs@freebsd.org
Subject:   Re: Bug in recent versions of Vixie cron 
Message-ID:  <20000103192029.165A91CA0@overcee.netplex.com.au>
In-Reply-To: Message from Ole Pahl <op@pahl.net> of "Sun, 02 Jan 2000 23:13:55 +0100." <Pine.LNX.4.05.10001022307200.12566-100000@muschel.global-phun.net>

Ole Pahl wrote:
> On Sun, 2 Jan 2000, Przemyslaw Frasunek wrote:
> 
> > > This problem seems to be present in current versions of Vixie cron, e.g.
> > > those used in operating systems like FreeBSD 3.4-RC as well as certain
> > > Linux distributions such as SuSE Linux 6.2.
> 
> > FreeBSD is and was NOT vulnerable to this problem.
> 
> The person who tried to reproduce this problem on his FreeBSD machine just
> confirmed that he could not pass arbitrary commands to Sendmail using the
> MAILTO environment variable. However, Sendmail is still executed as root -
> that condition can't be exploited due to proper argument checking, though.

Have you actually *looked* at our version of the code?  There is no
"argument checking" as there are no user-supplied arguments being passed to
sendmail. (Hint: take a look at these two:
 http://www.FreeBSD.org/cgi/cvsweb.cgi/src/usr.sbin/cron/cron/do_command.c
 http://www.FreeBSD.org/cgi/cvsweb.cgi/src/usr.sbin/cron/cron/config.h
and the changes in April 1995)

> For further replies, please make sure to remove BugTraq from the CC list in
> order to keep Aleph1 from being bothered - I think any further discussion
> on this issue is not relevant for BugTraq.

It would be nice if people would actually *test* their claims before hitting
'send' on their mail and crying wolf yet again.

Cheers,
-Peter
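
Added illustration, not part of Peter Wemm's message and not FreeBSD's cron source: a sketch of the design the reply describes, where the mailer is started with a fixed argument vector and the MAILTO value reaches it only as header data. The mailer path, flag set, function names and sample values are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Fixed mailer argument vector: nothing here is derived from the crontab.
 * The path is an assumption; -t makes sendmail take recipients from the
 * message headers rather than from the command line. */
static const char *const MAILER_ARGV[] = {
    "/usr/sbin/sendmail", "-FCronDaemon", "-odi", "-oem", "-oi", "-t", NULL
};

/* Returns the argv to exec; mailto is deliberately ignored. */
const char *const *mailer_argv(const char *mailto)
{
    (void)mailto;
    return MAILER_ARGV;
}

/* Writes the mail headers into out. The recipient travels as header data.
 * Returns bytes written, or -1 if mailto is empty, contains CR/LF (which
 * would start a new header line), or the buffer is too small. */
int write_headers(char *out, size_t n, const char *user, const char *mailto)
{
    int len;

    if (mailto[0] == '\0' || strpbrk(mailto, "\r\n") != NULL)
        return -1;
    len = snprintf(out, n,
                   "From: root (Cron Daemon)\nTo: %s\nSubject: Cron <%s> job output\n\n",
                   mailto, user);
    return (len < 0 || (size_t)len >= n) ? -1 : len;
}

int main(void)
{
    char hdr[256];
    const char *mailto = "-x not-an-option";   /* constructed sample value */
    const char *const *av = mailer_argv(mailto);

    if (write_headers(hdr, sizeof hdr, "op", mailto) < 0)
        return 1;
    for (int i = 0; av[i] != NULL; i++)
        printf("argv[%d] = %s\n", i, av[i]);
    fputs(hdr, stdout);
    return 0;
}
```

With the recipient confined to the `To:` header, a MAILTO value that looks like an option is never parsed as one, so there is nothing on the command line to check.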


