Date: Sun, 6 Dec 1998 09:28:55 -0600 (CST) From: mike grommet <mgrommet@ns.insolwwb.net> To: Timothy J Luoma <public+FreeBSD@fdt.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Advice on sendmail / execution of programs through .forward Message-ID: <Pine.BSI.4.05L.9812060925330.12934-100000@ns.insolwwb.net> In-Reply-To: <199812052049.PAA08277@ocalhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 5 Dec 1998, Timothy J Luoma wrote: > Author: mike grommet <mgrommet@insolwwb.net> > Date: Fri, 4 Dec 1998 14:06:35 -0600 > ID: <A199D70FC96DD211AD1000609767926103598F@ISIMAIL> > > I think removing the execute bit for regular users is the real answer. > > > > I mean, it seems quite possible for a user to upload some sort > > of exploit and an appropriate .forward via ftp, send mail to > > himself and WHAM. Life gets real bad. > > Why let them FTP anything? > > TjL This machine allows the keeping of personal user pages, but no cgi access, so they do need to be able to upload files to the machine... I just cant believe that theres not some way to make it so sendmail cant all but certain files, or somesuch... and I cant disallow forwards either because this machine hosts various web pages / domains for folks who need their incoming mail forwarded to other ISP's for their own pick up. Grrr... I'm stuck. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.4.05L.9812060925330.12934-100000>