Bugtraq mailing list archives
Re: Root shell vixie cron exploit
From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Wed, 1 Sep 1999 21:08:56 +0200
On Wed, 1 Sep 1999, Seva Gluschenko wrote:
man sendmail: /-C ...skipping... -Cfile Use alternate configuration file. Sendmail refuses to run as root if an alternate configuration file is specified. and it does, for sure %-). Just tested this on different versions of FreeBSD and had no effects except Mail Delivery message: The following address has permanent fatal errors: -C/tmp/vixie-cf gvs So, sendmail _really_ refuses to accept -C key when run as root
Probably you have some problems with understanding written word ;P REFUSES TO RUN AS ROOT means: if alternate config file is specified, effective root privledges (Setuid) are dropped. But from crond, sendmail is launched with uid==euid==0. DOES NOT apply. FreeBSD seems to be patched against this attack, that's another issue ;P _______________________________________________________________________ Michal Zalewski [lcamtuf () ids pl] [link / marchew] [dione.ids.pl SYSADM] [Marchew Industries] ! [http://lcamtuf.na.export.pl] bash$ :(){ :|:&};: [voice phone: +48 22 813 25 86] <=-=> [cellular phone: +48 501 4000 69] Iterowac jest rzecza ludzka, wykonywac rekursywnie - boska [P. Deutsch]
Current thread:
- Root shell vixie cron exploit Michal Zalewski (Jul 05)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
- Re: Root shell vixie cron exploit Michal Zalewski (Sep 01)
- Re: Root shell vixie cron exploit John Kennedy (Sep 03)
- Re: Root shell vixie cron exploit Peter Wemm (Sep 07)
- Re: Root shell vixie cron exploit Raymond Dijkxhoorn (Sep 07)
- Re: Root shell vixie cron exploit Christos Zoulas (Sep 03)
- [security-officer () FreeBSD ORG: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques] Patrick Oonk (Sep 03)
- Re: Root shell vixie cron exploit Valentin Nechayev (Sep 04)
- gftp Oscar Haeger (Sep 05)
- Re: gftp - ms ftp debug mode Bencsath Boldizsar (Sep 08)
- fixing all buffer overflows --- random magin numbers Dr. Joel M. Hoffman (Sep 11)
- Re: fixing all buffer overflows --- random magin numbers Peter van Dijk (Sep 12)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)