From owner-freebsd-security Sat Jan 13 8:18:29 2001
Delivered-To: freebsd-security@freebsd.org
Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2]) by hub.freebsd.org (Postfix) with ESMTP id 36F9F37B402; Sat, 13 Jan 2001 08:18:10 -0800 (PST)
Received: from bsdie.rwsystems.net([209.197.223.2]) (1629 bytes) by bsdie.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Sat, 13 Jan 2001 10:17:37 -0600 (CST) (Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25)
Date: Sat, 13 Jan 2001 10:17:37 -0600 (CST)
From: James Wyatt
To: Kris Kennaway
Cc: Ryan Thompson , freebsd-security@FreeBSD.ORG
Subject: Re: Majordomo lists security
In-Reply-To: <20010112222249.A28910@citusc.usc.edu>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Content-ID:
Content-Disposition: INLINE
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 12 Jan 2001, Kris Kennaway wrote:
> On Sat, Jan 13, 2001 at 12:05:10AM -0600, Ryan Thompson wrote:
> > Hmm... Maybe this has been answered before.
> >
> > Is there a GOOD reason that, by default, /usr/local/majordomo/lists is
> > world readable? Does not just the "majordom" user/group ever read the
> > files contained therein? Until now, I've never really had cause to play
[ ... ]
> From the makefile:
>
> .if !defined(BATCH) && !defined(PACKAGE_BUILDING)
> /usr/bin/dialog --yesno "Majordomo is unsafe to use on multi-user machines: local users can run
> arbitrary commands as the majordomo user. Do you wish to accept the security risk and build majordomo
> anyway?" 8 60 || ${FALSE}
> .endif

This says *nothing* about allowing (very portable) passwords to leak, just
that they can run commands. Most users would take that to mean run such
commands *locally*, not remotely.

- Jy@

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
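The thread's concern is a list directory whose files are readable by every local user. As an added example (not code from the thread, from Majordomo, or from the FreeBSD port), the following POSIX shell functions audit a directory tree for files readable by "other" and tighten their modes so that only the owning user and group (the "majordom" user/group mentioned above) can read them. The directory path is a parameter; /usr/local/majordomo/lists is the path named in the thread, but nothing here is specific to Majordomo's file layout, and the script names and sample file names in the usage section are assumptions.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread or the Majordomo project.
# Audit a directory tree (e.g. /usr/local/majordomo/lists) for files that
# any local user can read, and optionally remove that access.

# Print every regular file under the directory $1 whose "other read" bit
# (octal 004) is set.  The octal form of -perm works in both GNU and BSD find.
list_world_readable() {
    find "$1" -type f -perm -004
}

# Count the world-readable files under $1 (tr strips BSD wc's padding).
count_world_readable() {
    list_world_readable "$1" | wc -l | tr -d ' '
}

# Remove "other" read access from every world-readable file under $1, and
# remove "other" read/search access from the directory itself so that the
# list names cannot be enumerated by unrelated local users either.
# Owner and group permissions are left untouched.
fix_world_readable() {
    find "$1" -type f -perm -004 -exec chmod o-r {} +
    chmod o-rx "$1"
}

# Stand-alone usage (assumed script name):
#   sh audit_lists.sh /usr/local/majordomo/lists        # report only
#   sh audit_lists.sh /usr/local/majordomo/lists --fix  # report, then tighten
if [ -n "${1:-}" ]; then
    echo "World-readable files under $1: $(count_world_readable "$1")"
    list_world_readable "$1"
    if [ "${2:-}" = "--fix" ]; then
        fix_world_readable "$1"
        echo "After fix: $(count_world_readable "$1")"
    fi
fi
```

Run the report form first on a production host: the audit is read-only, and the --fix form only ever removes bits from "other", so it cannot break the majordom user's own access. It also does not address the separate point the thread raises, that users able to run commands as the majordomo user can read those files regardless of their mode; that needs the service account itself to be isolated.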