Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit)
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert () uumail gov bc ca>
Date: Sat, 19 May 2001 12:03:26 -0700

In message <20010518203508.DCF0EC3 () proven weird com>, Greg A. Woods
> [ On Friday, May 18, 2001 at 11:18:51 (-0400), Wietse Venema wrote: ]
> > 3 - User-specified shell commands. Traditionally, a user can specify
> > any shell command in ~user/.forward, and that command will execute
> > with the privileges of that user. This requires SUPER-USER privileges
> > in the mail delivery software itself or in mail helper software.
>
> Oh, OK, you've got me on that one! ;-)
>
> I was trying very carefully to avoid that particular pit of snakes, but
> I suppose I should have known it was inevitable that someone would find
> me out eventually!

A small helper program to handle shell command .forward files would be
a lot more secure than an MTA performing the deed. It's not a perfect
solution but is a lot better than what we've got now for the simple
reason that a smaller program is easier to audit and thus generally
more secure than a larger more complex program.

Regards,                         Phone:  (250)387-8437
Cy Schubert                        Fax:  (250)387-5766
Team Leader, Sun/Alpha Team   Internet:  Cy.Schubert () osg gov bc ca
Open Systems Group, ITSD, ISTA
Province of BC
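
The kind of small helper discussed in this message, sketched as an added example; it is not code from the thread or from any MTA. The names `run_as_user` and `drop_privileges` are hypothetical, and the example assumes the helper is started as root by the MTA, refuses to run commands for uid 0, and gives the command a fixed environment.

```c
#define _DEFAULT_SOURCE
#include <sys/types.h>
#include <sys/wait.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* Permanently become the user in pw. Order matters: supplementary groups
 * and gid must change while the process is still root; uid goes last. */
static int drop_privileges(const struct passwd *pw)
{
    if (initgroups(pw->pw_name, pw->pw_gid) != 0) return -1;
    if (setgid(pw->pw_gid) != 0) return -1;
    if (setuid(pw->pw_uid) != 0) return -1;
    /* Verify the drop took effect and cannot be undone. */
    if (setuid(0) == 0 || getuid() != pw->pw_uid ||
        getgid() != pw->pw_gid)
        return -1;
    return 0;
}

/* Returns the command's exit status, or -1 if the request was refused. */
int run_as_user(const char *user, const char *command)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL || pw->pw_uid == 0)  /* assumption: never run as root */
        return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                     /* child: drop, then exec */
        char *envp[] = { "PATH=/usr/bin:/bin", NULL };
        if (drop_privileges(pw) != 0 || chdir(pw->pw_dir) != 0)
            _exit(126);                 /* never exec with root left over */
        execle("/bin/sh", "sh", "-c", command, (char *)NULL, envp);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s user command\n", argv[0]); return 2; }
    return run_as_user(argv[1], argv[2]) & 0xff;
}
```

Everything that needs root fits in `drop_privileges`, which is the part an auditor has to read closely.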