Date: Mon, 18 Nov 1996 14:05:04 +1030 (CST)
From: Michael Smith <msmith@atrad.adelaide.edu.au>
To: imp@village.org (Warner Losh)
Cc: newton@communica.com.au, batie@agora.rdrop.com, adam@homeport.org, pgiffuni@fps.biblos.unal.edu.co, freebsd-security@FreeBSD.org
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Message-ID: <199611180335.OAA17231@genesis.atrad.adelaide.edu.au>
In-Reply-To: <E0vPJrb-0003cC-00@rover.village.org> from Warner Losh at "Nov 17, 96 07:55:10 pm"

Warner Losh stands accused of saying:
>
> I don't buy this. You need to be able to create a mailbox of an
> arbitrary user, and then write to that mailbox with that user's uid,
> or to a shell of that user's uid. To do otherwise would introduce
> other security problems, some of which have been beat to death in the
> freebsd lists.
>
> What am I missing?

mail.local.

Mark's sense of warmth is perhaps slightly over-smug, but his point is
valid. In fact, if it were possible to be non-root and bind to port 25,
then sendmail could be run non-root in daemon mode and not be called from
cron (which Mark omitted to mention).

> Warner

--
]] Mike Smith, Software Engineer        msmith@gsoft.com.au             [[
]] Genesis Software                     genesis@gsoft.com.au            [[
]] High-speed data acquisition and      (GSM mobile) 0411-222-496       [[
]] realtime instrument control.         (ph) +61-8-8267-3493            [[
]] Unix hardware collector.             "Where are your PEZ?" The Tick  [[