Bugtraq mailing list archives
Mail flags for using procmail instead of /bin/mail?
From: ault () cs albany edu (James R. Ault)
Date: Fri, 30 Sep 1994 16:42:09 EDT
not sure who wrote:
yes there is a bug in /bin/mail - if it is setuid root (ie: used as a delivery agent) it can be exploited to gain root access. there was an
...
u-s /bin/mail, install either procmail or the mail.local (which i have yet to find anywhere, procmail is easy to find... (i forget where.. archie is your friend), and then edit your Mlocal line in /etc/sendmail.cf to be procmail instead of /bin/mail
Could someone post some suitable lines with proper flags to give procmail that I could include in sendmail.cf ? We run sendmail 8.6.9 on sunos 4.1.3, and we have procmail already installed. Jim Ault, CS Sysadmin, SUNY Albany, NY 12222 USA ault () cs albany edu <><
Current thread:
- Various resources Christopher Klaus (Sep 29)
- Re: Various resources Craig Metz (Sep 29)
- Re: Various resources Karl Strickland (Sep 29)
- kern_exec.c an134699 () anon penet fi (Sep 29)
- Re: kern_exec.c Karl Strickland (Sep 29)
- Re: kern_exec.c Len Rose (Sep 29)
- A request Mark Graff (Sep 29)
- A request Scott D. Yelich (Sep 30)
- Mail flags for using procmail instead of /bin/mail? James R. Ault (Sep 30)
- Re: Mail flags for using procmail instead of /bin/mail? Adam Shostack (Sep 30)
- Re: kern_exec.c John Hawkinson (Sep 29)
- Re: Various resources Craig Metz (Sep 29)
- <Possible follow-ups>
- Re: Various resources tws () mrc com (Sep 30)
- Re: Various resources H Morrow Long (Sep 30)
- Re: Various resources Pat Myrto (Sep 30)
- Re: Various resources H Morrow Long (Sep 30)