Date: Sun, 17 Nov 1996 19:44:30 -0800 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: newton@communica.com.au (Mark Newton), batie@agora.rdrop.com (Alan Batie) Cc: imp@village.org, adam@homeport.org, pgiffuni@fps.biblos.unal.edu.co, freebsd-security@freebsd.org Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Message-ID: <199611180344.TAA14598@salsa.gv.ssi1.com> In-Reply-To: newton@communica.com.au (Mark Newton) "Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)." (Nov 18, 1:17pm)
next in thread | raw e-mail | index | archive | help
On Nov 18, 1:17pm, Mark Newton wrote: } Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). } sendmail really only needs root so that it can bind to the "privileged" } port 25 when it's running in daemon mode. Some flavors of sendmail close this socket when the load average gets to high to refuse incoming mail, then re-open it later. } If you frob filesystem permissions } sufficiently you can get away without providing sendmail with root } privileges by running it with a non-root uid out of inetd (which is, } indeed, precisely what I have done with it here at Communica, where } sendmail runs as the unprivileged "smtp" user). If your users run programs (like vacation) from their .forward files, sendmail runs these processes under their uids. If you're in an environment where no local delivery is done, then you can hack sendmail to setuid(harmless) right after it fork()s, which should eliminate a lot of the danger, though not the latest problem :-(. --- Truck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611180344.TAA14598>