Of course the OpenBSD mailx program isn't setuid or setgid. But we did an audit of the source code anyways. This particular buffer overflow isn't possible in our code, since $HOME is ignored the moment it becomes longer than MAXPATHNAMELEN. We found and fixed numerous other problems in mailx. If anyone intends to make this program setuid or setgid, they need to do a significant amount of work... or just copy our code. But I don't gaurantee all problems are fixed in our version... since we are not running setgid. We use a different mechanism for mail spool locking.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:33 PDT