Bugtraq mailing list archives
Re: sendmail -C: Known? Patches? (AIX 4.1.5)
From: troy () AUSTIN IBM COM (Troy Bollinger)
Date: Sun, 10 Aug 1997 08:28:41 -0500
Gene Spafford wrote:
> Old bugs never quite seem to die.... If the problem is in a recent version of AIX I think it would be very interesting to find how & why it got there.

The sendmail bug in AIX 4 does not allow any "ordinary" user to use the "-C" flag, only root or members of the administrative group "system" (gid=0). Note that even though the AIX sendmail is setgid to the system group, it does NOT allow normal users to read any file on the system.

IBM will be issuing the following APARs to deny the "-C" flag to group system as well:

AIX 4.1: IX70238
AIX 4.2: IX70239

--
+---------------- Opinions are my own -------------------+
|Troy Bollinger             |                 92CBR600F2|
|AIX Security Development   |     troy () austin ibm com|
+--------------------------------------------------------+