<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: /usr/bin/Mail buffer 0verfl0w

Re: /usr/bin/Mail buffer 0verfl0w

From: Maciek Pasternacki <maciekp_at_JAPHY.FNORD.ORG>
Date: Wed, 7 Mar 2001 08:10:31 +0100

Syzop pressed following keys:
>Why is mail on some systems sgid?,
>It looks like it's something with locking files, but why doesn't mail
>to be sgid on other systems then?
>
AFAIK it has something to do with brain-dead idea of putting users' mail in
/var/spool/mail/login instead of /home/login/Mailbox (or, better, Maildir/).
To lock the file which is not in world-writeable directory, program has to be
setuid or setgid.

> Syzop.
--jph

-- 
__ Maciek Pasternacki <maciekp@japhy.fnord.org> [ http://japhy.fnord.org/ ]
`| _   |_\  / *CENSORED* ( full version at http://japhy.fnord.org/sig.txt )
,|{-}|}| }\/  
\/   |____/

application/pgp-signature attachment: stored

Received on Mar 08 2001

This message: [ Message body ]
Next message: Harmer, Michael: "Re: -= Unsek Tecnics =-"
Previous message: Ashworth, Robert C. [Contractor]: "Re: Modern hw-killing virus feasible"
In reply to: Syzop: "Re: /usr/bin/Mail buffer 0verfl0w"
Next in thread: Markus: "Re: /usr/bin/Mail buffer 0verfl0w"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos