From owner-freebsd-security Sun Jun 9 23:05:06 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA17240 for security-outgoing; Sun, 9 Jun 1996 23:05:06 -0700 (PDT) Received: from black.gensys.com (black.gensys.com [206.109.98.10]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA17216 for ; Sun, 9 Jun 1996 23:05:02 -0700 (PDT) Received: (from jhupp@localhost) by black.gensys.com (8.7.5/8.6.12) id BAA02266; Mon, 10 Jun 1996 01:04:45 -0500 (CDT) From: Jeff Hupp Message-Id: <199606100604.BAA02266@black.gensys.com> Subject: Re: setuid root sendmail vs. mode 1733 /var/spool/mqueue? To: rgrimes@GndRsh.aac.dev.com (Rodney W. Grimes) Date: Mon, 10 Jun 1996 01:04:44 -0500 (CDT) Cc: taob@io.org, freebsd-security@FreeBSD.ORG In-Reply-To: <199606100512.WAA15320@GndRsh.aac.dev.com> from "Rodney W. Grimes" at Jun 9, 96 10:12:05 pm X-Mailer: ELM [version 2.4 PL24 ME8a] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Rodney W. Grimes shaped electrons to form: : > On Sun, 9 Jun 1996, Rodney W. Grimes wrote: : > > : > > Denial of service attack: : > > cat /dev/zero >/var/spool/mqueue/onebigwhole bs=32b : > > : : On mail hub servers I usually make /tmp and /var/tmp a seperate partition : to avoid this denial of service attack, makeing /var/spool/mqueue 1733 : would open it back up :-(. : : It is impossible to totally close, as the user can mail himself or someone : else a large file, or lots of smaller files :-(. This can be closed with the quota mods to mail.local and sendmail.cf Any ISP that doesn't do this is leaving themselves wide open to attack by both the hostie and ignorant. -- Jeff Hupp | Happiness is: | PGP Public Key | Running FreeBSD. | available at | Help stamp out Redmond syndrome! | http://gensys.com