Bugtraq mailing list archives
Re: Root shell vixie cron exploit
From: netch () LUCKY NET (Valentin Nechayev)
Date: Sat, 4 Sep 1999 10:51:50 +0300
Hello Seva Gluschenko! Wed, Sep 01, 1999 at 21:08:55, gvs wrote about "Re: Root shell vixie cron exploit": MZ> flags, this exploit won't bring anything shocking - simply, it's working MZ> example.
man sendmail: /-C ...skipping... -Cfile Use alternate configuration file. Sendmail refuses to run as root if an alternate configuration file is specified. and it does, for sure %-). Just tested this on different versions of FreeBSD and had no effects except Mail Delivery message: The following address has permanent fatal errors: -C/tmp/vixie-cf gvs So, sendmail _really_ refuses to accept -C key when run as root
Try to run sendmail with -C option as _root_ and you can really change config file when were root. -C flag only disable suid:root (causing setting effective uid to real uid via drop_privileges()). We really use sendmail with alternative configuration files in technology. Therefore, MZ is right... -- Valentin Nechayev netch () lucky net II:LDXIII/DCCCLXXIII.CCC
Current thread:
- Root shell vixie cron exploit Michal Zalewski (Jul 05)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
- Re: Root shell vixie cron exploit Michal Zalewski (Sep 01)
- Re: Root shell vixie cron exploit John Kennedy (Sep 03)
- Re: Root shell vixie cron exploit Peter Wemm (Sep 07)
- Re: Root shell vixie cron exploit Raymond Dijkxhoorn (Sep 07)
- Re: Root shell vixie cron exploit Christos Zoulas (Sep 03)
- [security-officer () FreeBSD ORG: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques] Patrick Oonk (Sep 03)
- Re: Root shell vixie cron exploit Valentin Nechayev (Sep 04)
- gftp Oscar Haeger (Sep 05)
- Re: gftp - ms ftp debug mode Bencsath Boldizsar (Sep 08)
- fixing all buffer overflows --- random magin numbers Dr. Joel M. Hoffman (Sep 11)
- Re: fixing all buffer overflows --- random magin numbers Peter van Dijk (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Eric Hutchinson (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Daniel W. Dulitz x108 (Sep 13)
- Enterprise Overflow Daniel Kerr (Sep 11)
- Re: gftp - ms ftp debug mode Valentin (Sep 12)
- Re: gftp - ms ftp debug mode Max Vision (Sep 12)
- Linux 2.2.12 mini-audit Solar Designer (Sep 13)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)