Date: Sun, 17 Nov 1996 21:05:18 -0800
From: Don Lewis <Don.Lewis@tsc.tdk.com>
To: newton@communica.com.au (Mark Newton), msmith@atrad.adelaide.edu.au (Michael Smith)
Cc: imp@village.org, batie@agora.rdrop.com, adam@homeport.org, pgiffuni@fps.biblos.unal.edu.co, freebsd-security@FreeBSD.ORG
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Message-ID: <199611180505.VAA14699@salsa.gv.ssi1.com>
In-Reply-To: newton@communica.com.au (Mark Newton) "Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)." (Nov 18, 3:05pm)

On Nov 18, 3:05pm, Mark Newton wrote:
} Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
} Michael Smith wrote:
} > but his point is
} > valid. In fact, if it were possible to be non-root and bind to port 25,
}
} That's a wonderful point: The only reason sendmail needs root to bind to
} port 25 as a daemon is because of the rather UNIX-centric view that TCP/IP
} ports less than 1024 can only be allocated by a privileged user. TCP/IP
} implementations on non-UNIX platforms disagree violently with this
} assumption, which makes the value of this "security" feature rather dubious.

And on those platforms, J. Random user could intercept all incoming mail.
Binding a socket to port 23 would be a good way to collect telnet passwords,
too ;-)

--- Truck
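
An added example, not part of the original message: a defender's audit for the situation the thread describes, listing TCP listeners on ports below 1024 that are owned by a non-root user. It assumes the Linux `/proc/net/tcp` layout; the sample table and the function names are constructed for illustration.

```python
"""Flag TCP listeners on privileged ports (< 1024) owned by non-root UIDs."""

PRIVILEGED_LIMIT = 1024  # traditional UNIX boundary discussed in the thread
TCP_LISTEN = "0A"        # state code for LISTEN in /proc/net/tcp

# Constructed sample in Linux /proc/net/tcp layout (not captured from a real host).
# Ports are hexadecimal: 0019 = 25 (smtp), 0017 = 23 (telnet), 1F90 = 8080.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 1002 1
   2: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 1003 1
   3: 0A000005:0019 0A000009:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004 1
"""


def parse_listeners(text):
    """Yield (port, uid, inode) for every socket in LISTEN state."""
    for line in text.splitlines()[1:]:          # skip the column header
        fields = line.split()
        if len(fields) < 10 or fields[3] != TCP_LISTEN:
            continue                            # malformed row or not listening
        port = int(fields[1].rsplit(":", 1)[1], 16)
        yield port, int(fields[7]), int(fields[9])


def unprivileged_low_port_listeners(text):
    """Return sorted (port, uid, inode) for listeners below 1024 not owned by uid 0."""
    return sorted(
        (port, uid, inode)
        for port, uid, inode in parse_listeners(text)
        if port < PRIVILEGED_LIMIT and uid != 0
    )


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:       # live table on a Linux host
            table = fh.read()
    except OSError:
        table = SAMPLE                          # fall back to the constructed sample
    for port, uid, inode in unprivileged_low_port_listeners(table):
        print(f"port {port}: listener owned by uid {uid} (socket inode {inode})")
```
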