Date: Fri, 29 Mar 2002 19:10:20 +0000
From: Thomas Hurst <tom.hurst@clara.net>
To: stable@FreeBSD.ORG
Subject: Re: sendmail_enable NONE
Message-ID: <20020329191019.GA11194@voi.aagh.net>
In-Reply-To: <20020328141846.B15442@Odin.AC.HMC.Edu>
References: <20020328163551.B77823@shell.wetworks.org> <20020327154948.26668.qmail@web11602.mail.yahoo.com> <20020327115442.C27253@shell.one.net> <000c01c1d5bb$38e336e0$11fd2fd8@westbend.net> <20020327200304.C43825@mail.webmonster.de> <20020328133020.B6416@hub.freebsd.org> <20020328163551.B77823@shell.wetworks.org> <20020328223826.F28059@freebie.xs4all.nl> <5.1.0.14.0.20020328154728.04ac2668@pop3s.schulte.org> <20020328141846.B15442@Odin.AC.HMC.Edu>
* Brooks Davis (brooks@one-eyed-alien.net) wrote:
> On Thu, Mar 28, 2002 at 03:51:50PM -0600, Christopher Schulte wrote:
> > Some local root exploits can be prevented if unused setuid binaries
> > have the bit removed. Thus if sendmail is not used (but you want to
> > keep the binary around just in case) just chmod -s.
>
> Given that the cause of the pain revolving around the 8.12 MFC was
> removing the setuid bit to sendmail, these comments are just a bit
> inane.

Most people who don't use sendmail probably set NO_SENDMAIL in their
make.conf, so any such changes are pretty much irrelevant to them.

As for other utilities (like jot) being unused; there's a huge difference
between a little 8.5k tool and a multi-MB daemon with a history of
vulnerabilities.

The rc.conf changes are a bit ugly imo too; sendmail_enable=NO now means
"start only some of sendmail" instead of "don't start sendmail", which is
totally against the grain of the entire rc system. Users who set
sendmail_enable=NO will now get bitten because they may well assume that
covers everything in sendmail; I'd rather that be a meta-knob that enables
the rest of the sendmail system, a la:

    if [ "${sendmail_enable}" = "YES" ]; then
        # check the rest of the sendmail_* knobs
    fi

This way users who disabled sendmail see no difference, and those who have
it enabled, er, see no difference; if they're going to get confused over
the new knobs being disabled by the meta-knob, at least they're likely to
read sendmail related stuff in UPDATING etc, which is far better than those
who don't use sendmail finding themselves running daemons they don't want
and which may pose a security hazard.

-- 
Thomas 'Freaky' Hurst - freaky@aagh.net - http://www.aagh.net/
I wouldn't recommend sex, drugs or insanity for everyone, but they've
always worked for me.
-- Hunter S. Thompson

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
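The meta-knob gating Thomas Hurst proposes, as an added example that is not part of the original mail or of FreeBSD's rc scripts. It contrasts two ways an rc script can read the sendmail knobs: the gated form, where sendmail_enable=NO (or NONE) suppresses every sendmail daemon regardless of the finer-grained knobs, and the independent form, where the sub-knobs are evaluated on their own and a user who only set sendmail_enable=NO still ends up with daemons running. The sub-knob names sendmail_submit_enable and sendmail_msp_queue_enable are assumed here for illustration, and is_yes is a minimal stand-in for rc.subr's checkyesno.

```shell
#!/bin/sh
# Added example (not from the original mail): a master knob gating the
# sub-knobs, versus sub-knobs evaluated independently of the master.
# Knob names sendmail_submit_enable / sendmail_msp_queue_enable and the
# component names "mta", "submit", "queue" are assumed for illustration.

# Minimal stand-in for rc.subr's checkyesno: true for YES/TRUE/ON/1, false
# for anything else (NO, NONE, empty, ...).
is_yes() {
    case "$1" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Gated form (the meta-knob the mail asks for).
# Args: sendmail_enable sendmail_submit_enable sendmail_msp_queue_enable
# Prints the space-separated list of components that would be started.
sendmail_daemons() {
    master="$1"; submit="$2"; msp_queue="$3"
    set --                                  # empty the component list
    if is_yes "$master"; then
        set -- "$@" mta                     # the listening daemon
        is_yes "$submit"    && set -- "$@" submit   # localhost-only submission agent
        is_yes "$msp_queue" && set -- "$@" queue    # MSP queue runner
    fi
    echo "$*"                               # empty when the master knob is off
}

# Independent form (the behaviour the mail complains about): sub-knobs are
# honoured even when the master knob says NO, so "NO" only turns off the MTA.
sendmail_daemons_independent() {
    master="$1"; submit="$2"; msp_queue="$3"
    set --
    is_yes "$master"    && set -- "$@" mta
    is_yes "$submit"    && set -- "$@" submit
    is_yes "$msp_queue" && set -- "$@" queue
    echo "$*"
}

# Stand-alone demonstration with constructed knob values.
echo "gated,       sendmail_enable=NO: [$(sendmail_daemons NO YES YES)]"
echo "independent, sendmail_enable=NO: [$(sendmail_daemons_independent NO YES YES)]"
```

The gated variant is the one a defender wants: a single knob the administrator already knows about cannot leave an unexpected network daemon running, and a NONE value falls through is_yes exactly like NO does.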