Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: majordomo local exploit

Re: majordomo local exploit

From: John Archie <johnarchie_at_MAIL.EMERALDIS.COM>
Date: Sat, 1 Jan 2000 23:45:20 -0500

I chgrp'ed the wrapper to mail (the user that sendmail demotes itself to in
order to run the wrapper on my system) and do not allow normal users to
execute the wrapper. Majordomo works fine after the change, but this breaks
anything that feeds input into the majordomo scripts directly that doesn't
have permission to execute the wrapper.

--John
Received on Jan 02 2000

This message: [ Message body ]
Next message: Joakim Karlmark: "Re: More info on MS99-061 (IIS escape character vulnerability)"
Previous message: Pavel Machek: "Re: strace can lie"
Next in thread: Olaf Kirch: "Re: majordomo local exploit"
Maybe reply: Olaf Kirch: "Re: majordomo local exploit"
Maybe reply: Dale Clark: "Re: majordomo local exploit"
Maybe reply: Chan Wilson: "Re: majordomo local exploit"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]