Re: Sendmail up to 8.9.1 - mail.local instroduces new class of

From: Jeremiah Rothschild (jeremiahat_private)
Date: Mon Aug 10 1998 - 07:30:35 PDT

Next message: Security Research Labs: "Network Associates Inc. Advisory (OpenBSD)"

Previous message: Texan Hawk: "Re: Yahoo Pager auto-update"
Next in thread: Chip Salzenberg: "Re: Sendmail up to 8.9.1 - mail.local instroduces new class of"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I run sendmail suid/sgid mail..  Therefore, if hacked, the worst situation
would be losing mail spools.  Doing this has been nicely documented..

Anyone interested should check out www.virtual.net.au/~rjc/sendmail.html

# ip

On Thu, 9 Jul 1998, Michal Zalewski wrote:

> It's stupid to make any part of sendmail package setuid. It's really
> possible to make sendmail work with no setuid nor setgid, by arranging
> proper communication with sendmail daemon, if running. Also, I suggest to
> be at least careful with new features of recent Sendmail version :-)

Next message: Security Research Labs: "Network Associates Inc. Advisory (OpenBSD)"
Previous message: Texan Hawk: "Re: Yahoo Pager auto-update"
Next in thread: Chip Salzenberg: "Re: Sendmail up to 8.9.1 - mail.local instroduces new class of"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:53 PDT