Date: Mon, 18 Nov 1996 11:10:55 -0700 From: Warner Losh <imp@village.org> To: Bill Fenner <fenner@parc.xerox.com> Cc: Michael Smith <msmith@atrad.adelaide.edu.au>, freebsd-security@freebsd.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <E0vPY9n-0004uG-00@rover.village.org> In-Reply-To: Your message of "Mon, 18 Nov 1996 08:50:01 PST." <96Nov18.085003pst.177557@crevenia.parc.xerox.com> References: <96Nov18.085003pst.177557@crevenia.parc.xerox.com>
index | next in thread | previous in thread | raw e-mail
In message <96Nov18.085003pst.177557@crevenia.parc.xerox.com> Bill
Fenner writes:
: It is, of course, possible to run as root for *just long enough* to bind to
: port 25. Then setuid("smtp").
You then must give up running the shell scripts in the users' .forward
file as that user. mail.local doesn't do this, btw.
Warner
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vPY9n-0004uG-00>