Date: Fri, 10 Jan 1997 13:01:53 +1100 (EST) From: proff@suburbia.net To: Pierre.Beyssac@hsc.fr (Pierre Beyssac) Cc: adam@homeport.org, Pierre.Beyssac@hsc.fr, giles@nemeton.com.au, lyndon@esys.ca, moke@fools.ecpnet.com, freebsd-security@freebsd.org Subject: Re: sendmail running non-root SUCCESS! Message-ID: <19970110020153.27033.qmail@suburbia.net> In-Reply-To: <Mutt.19970109153512.pb@sidhe.hsc.fr> from Pierre Beyssac at "Jan 9, 97 03:35:12 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> sendmail could process the .forward as usual, but it would > call the external prog mailer to ask it to run "/home/user/bin/myownstuff" > as "user" and pipe the mail to it. > > Obviously it has to be more complicated than that or it would > be a trivial new hole in the system (we can't rely on just checking > that sendmail is calling us, that would not make us immune to attacks > on sendmail itself). > > A solution might be to use a .db database as someone suggested, > as an authenticated reference owned by root or mail, accessed > by sendmail and the prog mailer. > > -- > Pierre.Beyssac@hsc.fr > Bork. Instead of spending hours whipping and splinting a dying nag into going an extra furlong, why not just put a little more shine on the young filly called 'qmail'? I'm serious. If qmail doesn't handle what you want (optimal-uucp-handling) then extend it. Because of qmail's well-thought-out modularity and multiple division of powers, this task is not hard and has virtually zero chance of introducing security holes. Cheers, Julian.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970110020153.27033.qmail>