Bugtraq mailing list archives
Re: possible local exploit via sendmail with procmail on solaris
From: Jeff Damens <jdamens () ebbets poly edu>
Date: Wed, 22 Dec 2004 17:24:56 -0500 (EST)
Mike,

Sendmail is *supposed* to run the local mailer setuid as the recipient, so procmail should have run as you. I'm running sendmail 8.13.1 on solaris 7 & 8 and it does seem to setuid properly.

Is it possible that procmail itself is setuid root and is invoking the shell which is sourcing your .cshrc? It would be interesting to see a truss -f of sendmail doing a local delivery.

$h is the host as set from the 2nd part of the $# local mailer rule. It probably isn't set in your sendmail rules for local users.

Regards,
Jeff

----------------------------------------------------------------
Jeff Damens                  Unix Systems Administrator
Polytechnic University       jdamens () ebbets poly edu
6 Metrotech                  (718) 260-3492
Brooklyn, New York 11201
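
The reply asks whether procmail itself is setuid root. The following is an added example, not part of the message above, of a portable way to check that on a mailer binary. The function names are hypothetical, and the paths are whatever you pass in (find where procmail is installed on your system first).

```shell
#!/bin/sh
# Added example: report whether a local mailer binary carries its own
# setuid/setgid privilege, independent of what sendmail does before exec.

# mailer_priv PATH -> prints one of:
#   missing | plain | setuid-root | setuid-uid=N | setgid-only
mailer_priv() {
    f=$1
    if [ ! -f "$f" ]; then
        echo missing
        return 0
    fi
    # Numeric owner from "ls -ln": fields are mode, links, uid, gid, ...
    uid=$(ls -lnd -- "$f" | awk '{print $3}')
    if [ -u "$f" ]; then
        # The set-user-ID bit is on: the binary runs as its owner,
        # whatever uid sendmail switched to before invoking it.
        if [ "$uid" = 0 ]; then
            echo setuid-root
        else
            echo "setuid-uid=$uid"
        fi
    elif [ -g "$f" ]; then
        echo setgid-only
    else
        echo plain
    fi
}

# audit_mailers PATH... -> one "status<TAB>path" line per argument;
# returns 1 if any of them is setuid root, 0 otherwise.
audit_mailers() {
    rc=0
    for p in "$@"; do
        s=$(mailer_priv "$p")
        printf '%s\t%s\n' "$s" "$p"
        if [ "$s" = setuid-root ]; then
            rc=1
        fi
    done
    return $rc
}

# Run stand-alone with the binaries to check as arguments.
if [ "$#" -gt 0 ]; then
    audit_mailers "$@"
fi
```

A `setuid-root` result for the delivery agent means any shell it starts begins with root's effective uid unless the agent drops privilege first, which is the situation the reply is asking about.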