Bugtraq mailing list archives
Re: Mail delivery privileges
From: daw () mozart cs berkeley edu (David Wagner)
Date: 20 May 2001 00:37:11 GMT
Peter W wrote:
To protect users from each others' ~/.forward instructions, it is necessary, as Wietse said, for the delivery agent to start with superuser privileges.
I'm not convinced. Imagine: ~/.forward-program could be a setuid executable, owned by the user, and a non-root delivery agent could exec() the relevant ~/.forward-program. Why can't this approach be made to work? What am I missing? (You might be concerned that malicious users on the same system could inject forged mail by themselves exec()ing the ~/.forward-program. But this threat can be countered in several ways. For instance, we could use file permissions: make ~/.forward-program mode 750, with group 'mail', and have the delivery program run under user 'nobody', group 'mail'. Or, we could use crypto: Create a public/private keypair for the delivery agent, put the public key in /etc/agent.pub, have the delivery agent sign the input it sends to ~/.forward-program, and have ~/.forward-program check the signature on its input against /etc/agent.pub.)
Current thread:
- Re: Solaris /usr/bin/mailx exploit (SPARC), (continued)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Greg A. Woods (May 15)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Dan Astoorian (May 15)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Tobias J. Kreidl (May 16)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Greg A. Woods (May 17)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Casper Dik (May 17)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Greg A. Woods (May 18)
- Mail delivery privileges (was: Solaris /usr/bin/mailx exploit) Wietse Venema (May 18)
- Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit) Greg A. Woods (May 18)
- Re: Mail delivery privileges Peter W (May 19)
- Re: Mail delivery privileges Henrik Nordstrom (May 19)
- Re: Mail delivery privileges David Wagner (May 21)
- Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit) Cy Schubert - ITSD Open Systems Group (May 19)
- Re: Solaris /usr/bin/mailx exploit (SPARC) Greg A. Woods (May 17)
- Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit) Olaf Kirch (May 18)
- Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit) Dan Stromberg (May 19)
- Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit) Wietse Venema (May 19)