Date: Fri, 4 Dec 1998 13:28:02 -0800 (PST) From: Keyser Soze <mkultra@dqc.org> To: mike grommet <mgrommet@insolwwb.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Advice on sendmail / execution of programs through .forward Message-ID: <Pine.NEB.4.05.9812041327240.7918-100000@dqc.org> In-Reply-To: <A199D70FC96DD211AD1000609767926103598F@ISIMAIL>
next in thread | previous in thread | raw e-mail | index | archive | help
you can block access to port 6000 out (if you have a firewall). This will prevent the xterm from writing to XServers outside your firewall. On Fri, 4 Dec 1998, mike grommet wrote: > Hi guys, I need some advice... > > I block off shell access to my primary server... > however one of my users pulled a sneaky one. > > He executed a xterm shell from his .forward and had it connect to his X > server on his personal PC... pretty slick actually, I have to give him that. > I never even considered it. > > Well, naturally I am a bit concerned about this... > this particular user is quite benevolent, but what about next time? > > I mean, it seems quite possible for a user to upload some sort of exploit > and an appropriate .forward via ftp, send mail to himself and WHAM. Life > gets real bad. > > Now, its quite convenient to be able to run programs from .forward, procmail > comes to mind immediately... > > So what do you guys suggest to fix this problem the right way? > > Mike Grommet > Unix Systems Adminstrator > Internet Solutions, Inc. > mgrommet@insolwwb.net > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.05.9812041327240.7918-100000>