Bugtraq mailing list archives
BSD mail.local has race condition
From: travis () EvTech com (Travis Hassloch x231)
Date: Wed, 10 Jul 1996 14:17:16 -0500
Same as the Solaris mailx bug. As usual, to exploit the bug, you have to have write perms to the mail spool. This means a security conscious admin should turn world-write off, but this may break mail user agents.

A mail.local fix should be forthcoming, but is pretty obvious -- same deal as writing to /tmp or other world-write dirs from an SUID root program.

I had a stupid response to the Solaris mailx bug; I hope it didn't get propagated here (it went out to Best-Of, oops). Sorry, I was going cold-turkey on the caffeine, and was judgement-challenged.

--
Travis Hassloch, Electronic Blacksmith | P=NP if (P=0 or N=1)
There's a fine line between an email message and its signature.
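The message compares the problem to any privileged program writing into a world-writable directory. The following is an added example, not part of the original post and not the mail.local fix: a C sketch of the usual defensive open for that situation, where the names `open_mailbox`, `sane` and `demo` and the `/tmp/spool.XXXXXX` path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L   /* lstat, O_NOFOLLOW, mkdtemp */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Acceptable target: a regular file, one link, owned by the recipient. */
static int sane(const struct stat *s, uid_t owner)
{
    return S_ISREG(s->st_mode) && s->st_nlink == 1 && s->st_uid == owner;
}

/* Open a mailbox for append in a world-writable spool; -1 if anything is off. */
int open_mailbox(const char *path, uid_t owner)
{
    struct stat pre, post;
    int fd;
    if (lstat(path, &pre) != 0)   /* absent: O_EXCL fails if a name appears first */
        return errno != ENOENT ? -1 : open(path, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (!sane(&pre, owner))       /* symlink, device, FIFO, hard link, wrong owner */
        return -1;
    if ((fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW)) < 0)
        return -1;
    /* Close the check/use window: the fd must be the inode that was inspected. */
    if (fstat(fd, &post) != 0 || !sane(&post, owner) ||
        post.st_dev != pre.st_dev || post.st_ino != pre.st_ino) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed demo in a throwaway directory. Bits: 1 create, 2 reopen, 4 symlink refused. */
int demo(void)
{
    char dir[] = "/tmp/spool.XXXXXX", box[64], lnk[64];
    int fd, r = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(box, sizeof box, "%s/alice", dir);
    snprintf(lnk, sizeof lnk, "%s/bob", dir);
    if ((fd = open_mailbox(box, geteuid())) >= 0) { r |= 1; close(fd); }
    if ((fd = open_mailbox(box, geteuid())) >= 0) { r |= 2; close(fd); }
    if (symlink(box, lnk) == 0 && open_mailbox(lnk, geteuid()) < 0) r |= 4;
    unlink(lnk); unlink(box); rmdir(dir);
    return r;
}
int main(void) { return demo() == 7 ? 0 : 1; }
```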