From owner-freebsd-hackers Tue Apr 11 20:35:50 1995 Return-Path: hackers-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id UAA24557 for hackers-outgoing; Tue, 11 Apr 1995 20:35:50 -0700 Received: from sequent.kiae.su (sequent.kiae.su [144.206.136.6]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id UAA24534 for ; Tue, 11 Apr 1995 20:35:44 -0700 Received: by sequent.kiae.su id AA27479 (5.65.kiae-2 ); Wed, 12 Apr 1995 07:24:43 +0400 Received: by sequent.KIAE.su (UUMAIL/2.0); Wed, 12 Apr 95 07:24:43 +0400 Received: (from ache@localhost) by astral.msk.su (8.6.8/8.6.6) id HAA03111; Wed, 12 Apr 1995 07:24:42 +0400 To: freebsd-hackers@FreeBSD.org, Mike Pritchard References: <199504111500.KAA01076@mpp.com> In-Reply-To: <199504111500.KAA01076@mpp.com>; from Mike Pritchard at Tue, 11 Apr 1995 10:00:48 -0500 (CDT) Message-Id: Organization: Olahm Ha-Yetzirah Date: Wed, 12 Apr 1995 07:24:41 +0400 X-Mailer: Mail/@ [v2.32 FreeBSD] From: "Andrey A. Chernov, Black Mage" X-Class: Fast Subject: Re: atrun fix Lines: 17 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Length: 879 Sender: hackers-owner@FreeBSD.org Precedence: bulk In message <199504111500.KAA01076@mpp.com> Mike Pritchard writes: >Here is a fix for the atrun security hole. When sending mail, atrun >will switch ids to that of the user running the at job. This will >prevent the user from spoofing sendmail any more than they could from a >login shell. I also fixed it so that it correctly sets up the users groups >before running the at job or sending mail to the user. It also now requires >that the user be present in the password file before allowing the >job to execute. I just commit different fix for all problems that you mention. -- Andrey A. Chernov : And I rest so composedly, /Now, in my bed, ache@astral.msk.su : That any beholder /Might fancy me dead - FidoNet: 2:5020/230.3 : Might start at beholding me, /Thinking me dead. RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849