Date: Wed, 10 Apr 1996 20:57:09 +0200 From: Wolfram Schneider <wosch@cs.tu-berlin.de> To: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com> Cc: peter@jhome.DIALix.COM (Peter Wemm), current@freebsd.org Subject: Re: /var/mail default permissions?? Message-ID: <199604101857.UAA00395@campa.panke.de> In-Reply-To: <199604100647.XAA15909@GndRsh.aac.dev.com> References: <199604100556.NAA03118@jhome.DIALix.COM> <199604100647.XAA15909@GndRsh.aac.dev.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Rodney W. Grimes writes: >Though mail.local can be sure it does safe things in there, making this >world writeable allows a very easy denial of service attack: >cat /dev/zero >/var/mail/bigone (no noone can get mail on the system >:-(). $ cat /dev/zero > /var/mail/`whoami` /: file system full You can put any garbage (except EOF) into a mailbox $ locate / | /usr/libexec/mail.local foo Wolfram
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199604101857.UAA00395>