Date: Sat, 28 Feb 1998 16:06:45 +0100 From: Philippe Regnauld <regnauld@deepo.prosa.dk> To: Benedikt Stockebrand <benedikt@devnull.ruhr.de> Cc: Nicolas Pondemer <pondemer@isty-info.uvsq.fr>, freebsd-security@FreeBSD.ORG Subject: Re: Thanks, but... Message-ID: <19980228160645.62766@deepo.prosa.dk> In-Reply-To: <8790qvrg54.fsf@devnull.ruhr.de>; from Benedikt Stockebrand on Sat, Feb 28, 1998 at 02:52:07PM %2B0100 References: <34F5623C.3E6@isty-info.uvsq.fr> <19980226140934.31437@deepo.prosa.dk> <8790qvrg54.fsf@devnull.ruhr.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Benedikt Stockebrand writes:
>
> alias mail="/usr/bin/mail -bB@localhost"
>
> or whatever your preferred shell uses as syntax to ~A/.profile this
> could be done.
This is out of the scope of an external attack on an
environment assumed to minimally secure.
> Yes, it depends on your shell and your preferred MUA and requires some
> sort of security hole (like A not logging out before taking a break).
> Another option would be to add a trojanized MUA binary in ~A/bin or
> such.
And once again, this implies a compromised environment:
either the sysadmin is evil/corrupt, or someone broke
root on the box. In that scenario, the methods are
infinite.
What'd be more interesting is to mangle the headers or confuse
sendmail/some MTA from the *outside* into adding Bcc: headers.
Now that's art :-)
--
-[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
«Pluto placed his bad dog at the entrance of Hades to keep the dead
IN and the living OUT! The archetypical corporate firewall?»
- S. Kelly Bootle, ("MYTHOLOGY", in Marutukku distrib)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980228160645.62766>