Date: Mon, 18 Nov 1996 11:10:55 -0700 From: Warner Losh <imp@village.org> To: Bill Fenner <fenner@parc.xerox.com> Cc: Michael Smith <msmith@atrad.adelaide.edu.au>, freebsd-security@freebsd.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <E0vPY9n-0004uG-00@rover.village.org> In-Reply-To: Your message of "Mon, 18 Nov 1996 08:50:01 PST." <96Nov18.085003pst.177557@crevenia.parc.xerox.com> References: <96Nov18.085003pst.177557@crevenia.parc.xerox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <96Nov18.085003pst.177557@crevenia.parc.xerox.com> Bill
Fenner writes:
: It is, of course, possible to run as root for *just long enough* to bind to
: port 25. Then setuid("smtp").
You then must give up running the shell scripts in the users' .forward
file as that user. mail.local doesn't do this, btw.
Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vPY9n-0004uG-00>