Date: Fri, 21 Jun 2002 18:06:34 -0700 (PDT) From: Mark Hartley <mark@work.drapple.com> To: twig les <twigles@yahoo.com> Cc: security@FreeBSD.ORG Subject: Re: Possible security liability: Filling disks with junk or spam Message-ID: <XFMail.020621180634.mark@work.drapple.com> In-Reply-To: <20020622003444.66667.qmail@web10104.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 22-Jun-02 twig les wrote: > Would it be viable to un-map the psuedo-users or would > that break something? > If you don't want to forward their messages to root (which I think is the best way), you could always simply edit the aliases file and put the following lines in: bin: /dev/null news: /dev/null (and so on for each one) Depends on how the admin wants to handle it. Mark. > > --- Sean Kelly <smkelly@zombie.org> wrote: >> On Fri, Jun 21, 2002 at 06:01:16PM -0600, Brett >> Glass wrote: >> ... >> > A client recently called me in puzzlement, saying >> that his system was >> > misbehaving, and it turned out that this was what >> had happened. The address >> > "news@victim.com" had somehow wound up on quite a >> few spammers' lists. He'd >> > never used or hosted netnews, and so had no need >> for the pseudo-user. But that >> > pseudo-user was there by default, and the system >> dutifully created a mailbox >> > for him/her/it when the very first spam arrived. >> It started growing by leaps >> > and bounds until it was -- I kid you not! -- >> several hundred megabytes in >> > size. At which point the partition ran out of >> room. >> > >> > It seems to me that pseudo-users should be >> non-mailable, just as a basic >> > security policy. Ideas for the best way to >> implement this in the default >> > install? >> >> If you look at /usr/src/etc/mail/aliases, you'll see >> that pseudo-users are >> mapped to root. I also see news in there: >> news: root >> >> usenet: news >> >> >> It seems to me that the best way to prevent such >> things happening would be >> to keep your aliases files up to date. Use >> mergemaster and also maintain >> the file for any pseudo-users you may add. At some >> point, the >> administrator has to become responsible for the >> system they administer. >> >> -- >> Sean Kelly | PGP KeyID: 77042C7B >> smkelly@zombie.org | http://www.zombie.org >> > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.020621180634.mark>