Date: Mon, 18 Nov 96 11:49:32 -0600 From: Ben Black <black@gage.com> To: Bill Fenner <fenner@parc.xerox.com> Cc: Michael Smith <msmith@atrad.adelaide.edu.au>, freebsd-security@freebsd.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <9611181749.AA29784@squid.gage.com> In-Reply-To: <96Nov18.085003pst.177557@crevenia.parc.xerox.com> References: <96Nov18.085003pst.177557@crevenia.parc.xerox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>It is, of course, possible to run as root for *just long enough* to bind to
>port 25. Then setuid("smtp").
>
even better would be finer grained control over access to low numbered ports
so you wouldn't need to be root to bind port 25.
b3n
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9611181749.AA29784>