Date: Sun, 17 Nov 1996 19:55:10 -0700 From: Warner Losh <imp@village.org> To: newton@communica.com.au (Mark Newton) Cc: batie@agora.rdrop.com (Alan Batie), adam@homeport.org, pgiffuni@fps.biblos.unal.edu.co, freebsd-security@freebsd.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <E0vPJrb-0003cC-00@rover.village.org> In-Reply-To: Your message of "Mon, 18 Nov 1996 13:17:21 %2B1030." <9611180247.AA15359@communica.com.au> References: <9611180247.AA15359@communica.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <9611180247.AA15359@communica.com.au> Mark Newton writes: : sendmail really only needs root so that it can bind to the "privileged" : port 25 when it's running in daemon mode. If you frob filesystem permissions : sufficiently you can get away without providing sendmail with root : privileges by running it with a non-root uid out of inetd (which is, : indeed, precisely what I have done with it here at Communica, where : sendmail runs as the unprivileged "smtp" user). I don't buy this. You need to be able to create a mailbox of an arbitrary user, and then write to that mailbox with that user's uid, or to a shell of that user's uid. To do otherwise would introduce other security problems, some of which have been beat to death in the freebsd lists. What am I missing? Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vPJrb-0003cC-00>