Shell scripts from smail/sendmail - strange behavior

Neil Rickert rickert at mp.cs.niu.edu
Tue Oct 16 02:31:34 AEST 1990


In article <1990Oct14.224615.6178 at athena.mit.edu> jik at athena.mit.edu (Jonathan I. Kamens) writes:
>  First of all, my name is Kamens, not Kamen.  But that's not important right
>now :-).
>
  My apologies for the typo on your name.

>  Second, I didn't see the point in mentioning this before, but if you're
>going to start debating, I might as well -- the behavior I have described is a
>GAPING and KNOWN security hole in sendmail.  I can, on many (if not most)
>systems, pretty much run any program as any user if I have an account on the
>system and its sendmail behaves as I've described.
>
 I thought we were discussing programs invoked due to an entry in the
aliases file.  I fully agree that having a publicly writeable aliases file
is a security hazard.

>  "Extensive sender checking" is EXACTLY what sendmail 5.61 DOES NOT do when
>it decides what user ID to use when running a program.  And, as any somewhat
>knowledgeable Unix user should know, it's REAL easy to fake sendmail out. 

 This is why you should be careful about putting programs in aliases.

>That's why this functionality was removed in sendmail 5.64.

  That is indeed curious.  I am using a sendmail 5.64 derivative, and when
I post a 'msgs', it still runs the program under my user ID.  My mail is
submitted by an SMTP client, so that sendmail itself is running with real
uid of root at the time.  Certainly there were changes made to handling of
'uid's, but I haven't seen any evidence that "this functionality was
removed in 5.64."

-- 
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
  Neil W. Rickert, Computer Science               <rickert at cs.niu.edu>
  Northern Illinois Univ.
  DeKalb, IL 60115.                                  +1-815-753-6940


