Another Sendmail security problem
Felix Lee
flee at shire.cs.psu.edu
Mon May 1 14:46:43 AEST 1989
In article <28974 at ucbvax.BERKELEY.EDU>,
haynes at ucbarpa.Berkeley.EDU (Jim Haynes) writes:
>or maybe it depends on some bug that is more probable when the system is
>heavily loaded.
Our Sun4 is hardly ever heavily loaded. It may be that when your
machine is heavily loaded sendmail queues "|program" recipients, as
our Sun does. "|program" recipients in the queue lose the original
recipient information, and thus get run by arbitrary uids.
Tomorrow I will try to tweak sendmail on our Vax to reproduce the
problem.
--
Felix Lee flee at shire.cs.psu.edu *!psuvax1!shire!flee
More information about the Comp.unix.wizards
mailing list