From owner-freebsd-security  Fri Jun 21 20:59:50 2002
Delivered-To: freebsd-security@freebsd.org
Received: from apollo.backplane.com (apollo.backplane.com [216.240.41.2])
	by hub.freebsd.org (Postfix) with ESMTP id ACB9A37B401
	for <security@FreeBSD.ORG>; Fri, 21 Jun 2002 20:59:46 -0700 (PDT)
Received: from apollo.backplane.com (localhost [127.0.0.1])
	by apollo.backplane.com (8.12.3/8.12.3) with ESMTP id g5M3xkCV066467;
	Fri, 21 Jun 2002 20:59:46 -0700 (PDT)
	(envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.12.3/8.12.3/Submit) id g5M3xkSl066466;
	Fri, 21 Jun 2002 20:59:46 -0700 (PDT)
	(envelope-from dillon)
Date: Fri, 21 Jun 2002 20:59:46 -0700 (PDT)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <200206220359.g5M3xkSl066466@apollo.backplane.com>
To: Brett Glass <brett@lariat.org>
Cc: security@FreeBSD.ORG
Subject: Re: Possible security liability: Filling disks with junk or spam
References:  <200206220001.SAA26010@lariat.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

    This is rich.  I just checked my own system and guess what I found?

-rw-------   1 ftp     dillon    11244 Apr  3  2001 ftp
-rw-rw----   1 man     mail     765638 Jun 18 22:23 man
 
    ding ding ding ding!  Give that man a cigar!  All spam.

:Two years ago, at BSDCon, I reported on a form of abuse known as a
:"Rumplestiltskin attack," in which an attacker guessed names in rapid
:...
:mailed, cause the mail to be stored on the disk as if it were addressed to a
:real user. No one may ever read it, but it's possible to fill the partition
:and thereby wreak havoc.
:
:It seems to me that pseudo-users should be non-mailable, just as a basic
:security policy. Ideas for the best way to implement this in the default
:install?
:
:--Brett Glass

    I think for now the easiest thing to do is to adjust the default
    mail aliases file to /dev/null out pseudo users that come preinstalled
    in /etc/passwd.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message