Date: Mon, 18 Nov 1996 10:32:32 -0800
From: Don Lewis <Don.Lewis@tsc.tdk.com>
To: Ben Black <black@gage.com>, Bill Fenner <fenner@parc.xerox.com>
Cc: freebsd-security@FreeBSD.org
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Message-ID: <199611181832.KAA15915@salsa.gv.ssi1.com>
In-Reply-To: Ben Black <black@gage.com> "Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)." (Nov 18, 11:49am)

On Nov 18, 11:49am, Ben Black wrote:
} Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
} >It is, of course, possible to run as root for *just long enough* to bind to
} >port 25.  Then setuid("smtp").
} >
}
} even better would be finer grained control over access to low numbered ports
} so you wouldn't need to be root to bind port 25.

Be careful, that blade cuts both ways.  If you do this then you only need
to be able to gain access to the smtp user in order to steal the mail.  This
may be easier than attacking root.

---  Truck
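
The bind-then-drop sequence discussed in this thread, written out as an added example that is not part of the original messages or of sendmail. The function name bind_then_drop is hypothetical, and the "smtp" account from the quoted text is assumed to exist on the host.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <netinet/in.h>
#include <pwd.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Bind a TCP listener on `port`, then permanently switch to uid/gid.
 * Returns the listening fd, or -1 on any failure (caller should then exit). */
int bind_then_drop(unsigned short port, uid_t uid, gid_t gid)
{
    struct sockaddr_in sa;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;

    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_ANY);
    sa.sin_port = htons(port);
    /* The only step that needs root when port < 1024. */
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(fd, 16) < 0)
        goto fail;

    /* Order matters: supplementary groups, then gid, then uid last,
     * because after setuid() the process may no longer change its groups. */
    if (geteuid() == 0 && setgroups(0, NULL) < 0) goto fail;
    if (setgid(gid) < 0 || setuid(uid) < 0) goto fail;

    /* Verify the drop is permanent: any attempt to regain root must fail. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0)) goto fail;
    if (getuid() != uid || geteuid() != uid || getegid() != gid) goto fail;
    return fd;
fail:
    close(fd);
    return -1;
}

int main(void)
{
    /* "smtp" is the account named in the quoted message (assumed to exist). */
    struct passwd *pw = getpwnam("smtp");
    int fd = pw ? bind_then_drop(25, pw->pw_uid, pw->pw_gid) : -1;
    if (fd < 0) return 1;
    /* The accept() loop would run here, as the unprivileged user. */
    close(fd);
    return 0;
}
```

After the drop, everything the listener can read or write is whatever the target account owns, so the mail spool permissions for that account define what a compromise of the daemon exposes.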