Date: Thu, 28 Mar 2002 15:51:50 -0600 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: Wilko Bulte <wkb@freebie.xs4all.nl>, Alan Clegg <alan@clegg.com> Cc: stable@FreeBSD.ORG Subject: Re: sendmail_enable NONE Message-ID: <5.1.0.14.0.20020328154728.04ac2668@pop3s.schulte.org> In-Reply-To: <20020328223826.F28059@freebie.xs4all.nl> References: <20020328163551.B77823@shell.wetworks.org> <20020327154948.26668.qmail@web11602.mail.yahoo.com> <20020327115442.C27253@shell.one.net> <000c01c1d5bb$38e336e0$11fd2fd8@westbend.net> <20020327200304.C43825@mail.webmonster.de> <20020328133020.B6416@hub.freebsd.org> <20020328163551.B77823@shell.wetworks.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:38 PM 3/28/2002 +0100, Wilko Bulte wrote: >Basically: binaries sitting on a disk are harmless (but take space) as >long as they don't get run. Some local root exploits can be prevented if unused setuid binaries have the bit removed. Thus if sendmail is not used (but you want to keep the binary around just in case) just chmod -s. If I install postfix, I might not be keen on sendmail advisories, thinking I'm not affected because the daemon is not active. Whoops, it was a local problem becuase I left the binary setuid root. >-- >| / o / /_ _ wilko@FreeBSD.org >|/|/ / / /( (_) Bulte Arnhem, the Netherlands > We are FreeBSD. Resistance is futile. Prepare to be committed. -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020328154728.04ac2668>