Bugtraq mailing list archives

Re: Solaris /usr/bin/mailx exploit (SPARC)
From: "Tobias J. Kreidl" <Tobias.Kreidl () NAU EDU>
Date: Tue, 15 May 2001 14:47:02 -0700 (MST)

Andrew Hilborne <andrew.hilborne () uk xo com> wrote on
Tue, 15 May 2001 14:15:45 +0100:

> Just how do you force 0600 on mailboxes which don't exist (many MUAs
> remove empty mailboxes?)
>
> Since you cannot easily do this, at the very least a malicious user
> should be able to steal other users' mail. I think.

1) The permissions 1777 on /var/mail should allow empty mailboxes to
remain under most circumstances.  One should be careful about which
IMAP and POP services are running on the machine and how they handle
this.

2) When a new user account is first established, it is imperative that
a mailbox be created at that time with the proper ownership and file
permissions.

3) A cron job can help monitor any discrepancies between existing and 
desired file attributes of mailboxes in /var/mail and rectify them on 
the fly.

Tobias Kreidl
NAU/Information Technology Services
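An example of the cron-driven check described in point 3, added here as illustration and not taken from the post: it audits a spool directory so the directory is 1777 and each mailbox is owned by the user it is named after with mode 0600. It assumes GNU coreutils `stat` (Linux); on Solaris the same fields would be parsed from `ls -ld`.

```shell
#!/bin/sh
# Constructed example: audit a mail spool and optionally repair it.
# Assumes GNU `stat`; run from root's crontab as: audit_mail_spool /var/mail fix

# audit_mail_spool DIR [fix]
# Prints one line per discrepancy, then the number of discrepancies found.
# With "fix" it repairs the mode and, when running as root, the ownership.
audit_mail_spool() {
    spool=$1
    action=${2:-report}
    problems=0

    # The spool must be world-writable with the sticky bit (1777) so no
    # user can remove or rename another user's mailbox.
    dmode=$(stat -c '%a' "$spool")
    if [ "$dmode" != "1777" ]; then
        echo "DIR $spool mode $dmode, want 1777"
        problems=$((problems + 1))
        if [ "$action" = fix ]; then chmod 1777 "$spool"; fi
    fi

    for box in "$spool"/*; do
        [ -f "$box" ] || continue
        user=$(basename "$box")
        set -- $(stat -c '%U %a' "$box")
        owner=$1
        fmode=$2
        if [ "$owner" != "$user" ]; then
            echo "OWNER $box owned by $owner, want $user"
            problems=$((problems + 1))
            # chown needs root and a valid user; report and carry on if it fails
            if [ "$action" = fix ]; then chown "$user" "$box" 2>/dev/null || true; fi
        fi
        if [ "$fmode" != "600" ]; then
            echo "MODE $box mode $fmode, want 600"
            problems=$((problems + 1))
            if [ "$action" = fix ]; then chmod 600 "$box"; fi
        fi
    done
    echo "$problems"
}
```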


