Date: Tue, 26 Nov 1996 09:11:45 +1100 From: davidn@sdev.usn.blaze.net.au (David Nugent) To: msmith@atrad.adelaide.edu.au (Michael Smith) Cc: hackers@FreeBSD.ORG Subject: Re: Replacing sendmail (Re: non-root users binding to ports < 1024 (was: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2 Message-ID: <Mutt.19961126091145.davidn@sdev> In-Reply-To: <199611250434.PAA27300@genesis.atrad.adelaide.edu.au>; from Michael Smith on Nov 25, 1996 15:04:54 %2B1030 References: <4572.848895649@time.cdrom.com> <199611250434.PAA27300@genesis.atrad.adelaide.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Smith writes: > I'd also appreciate input from anyone that can see a problem with having > sendmail lying around but not running; if it's thought that this is still > a security risk, then there should be a comment in the handbook section > on mailer security suggesting that it be disabled (nuked, re-moded, etc.). Most mailers that are intended to replace sendmail's functionality also replace the sendmail binary in /usr/sbin with a front-end that does much the same, or at least a symbolic link that points to the 'real' front-end. There's a good deal of sendmail dependancy out there in MUAs. David Nugent, Unique Computing Pty Ltd - Melbourne, Australia Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet davidn@blaze.net.au http://www.blaze.net.au/~davidn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19961126091145.davidn>