Date: Fri, 10 Jan 1997 13:01:53 +1100 (EST)
From: proff@suburbia.net
To: Pierre.Beyssac@hsc.fr (Pierre Beyssac)
Cc: adam@homeport.org, Pierre.Beyssac@hsc.fr, giles@nemeton.com.au, lyndon@esys.ca, moke@fools.ecpnet.com, freebsd-security@freebsd.org
Subject: Re: sendmail running non-root SUCCESS!
Message-ID: <19970110020153.27033.qmail@suburbia.net>
In-Reply-To: <Mutt.19970109153512.pb@sidhe.hsc.fr> from Pierre Beyssac at "Jan 9, 97 03:35:12 pm"

> sendmail could process the .forward as usual, but it would
> call the external prog mailer to ask it to run "/home/user/bin/myownstuff"
> as "user" and pipe the mail to it.
>
> Obviously it has to be more complicated than that or it would
> be a trivial new hole in the system (we can't rely on just checking
> that sendmail is calling us, that would not make us immune to attacks
> on sendmail itself).
>
> A solution might be to use a .db database as someone suggested,
> as an authenticated reference owned by root or mail, accessed
> by sendmail and the prog mailer.
>
> --
> Pierre.Beyssac@hsc.fr
>

Bork. Instead of spending hours whipping and splinting a dying nag into
going an extra furlong, why not just put a little more shine on the young
filly called 'qmail'?

I'm serious. If qmail doesn't handle what you want (optimal-uucp-handling)
then extend it. Because of qmail's well-thought-out modularity and multiple
division of powers, this task is not hard and has virtually zero chance of
introducing security holes.

Cheers,
Julian.
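
Added example, not part of the original message and not sendmail or qmail code: the check a prog mailer helper could make against the root-owned reference proposed in the quoted text, so that its decision does not depend on who invoked it. It assumes a flat text file of `user:/path` lines in place of the .db database; the file name and function names are hypothetical.

```python
import os
import stat
import tempfile

def read_trusted_reference(path, trusted_uids):
    """Return the set of (user, program) pairs, or None if the file is untrusted."""
    try:
        # O_NOFOLLOW: refuse a symlink planted at the reference path.
        fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    except OSError:
        return None
    with os.fdopen(fd, encoding="utf-8") as fh:
        st = os.fstat(fh.fileno())  # check the file we opened, not the path
        if not stat.S_ISREG(st.st_mode) or st.st_uid not in trusted_uids:
            return None
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return None  # writable by group or others: anyone could add entries
        allowed = set()
        for line in fh:
            user, sep, program = line.strip().partition(":")
            if sep and user and program.startswith("/"):
                allowed.add((user, program))
        return allowed

def authorize(ref_path, user, program, trusted_uids=frozenset({0})):
    """Decide from the reference alone; who invoked the helper is not evidence."""
    allowed = read_trusted_reference(ref_path, trusted_uids)
    return allowed is not None and (user, program) in allowed

def demo():
    # Constructed sample: the current uid stands in for root so this runs unprivileged.
    me = frozenset({os.geteuid()})
    prog = "/home/user/bin/myownstuff"
    with tempfile.TemporaryDirectory() as d:
        ref = os.path.join(d, "progmailer.ref")  # hypothetical file name
        with open(ref, "w", encoding="utf-8") as fh:
            fh.write("user:" + prog + "\n")
        os.chmod(ref, 0o644)
        listed = authorize(ref, "user", prog, me)
        unlisted = authorize(ref, "user", "/bin/sh", me)
        wrong_owner = authorize(ref, "user", prog, frozenset({os.geteuid() + 1}))
        os.chmod(ref, 0o666)
        world_writable = authorize(ref, "user", prog, me)
    return listed, unlisted, wrong_owner, world_writable

if __name__ == "__main__":
    print(demo())
```

The helper would drop to the target user and run the program only after `authorize` returns True; a request for an unlisted program, or a reference with the wrong owner or loose permissions, is refused regardless of the caller.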
