Re: [RHSA-1999:030-01] Buffer overflow in cron daemon

From: Todd C. Miller (Todd.Millerat_private)
Date: Sat Aug 28 1999 - 10:10:35 PDT

Next message: Todd C. Miller: "Re: [RHSA-1999:030-01] Buffer overflow in cron daemon"

Previous message: Peter W: "Re: IE and cached passwords"
Maybe in reply to: Bill Nottingham: "[RHSA-1999:030-01] Buffer overflow in cron daemon"
Next in thread: Todd C. Miller: "Re: [RHSA-1999:030-01] Buffer overflow in cron daemon"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Why not just have sendmail run as the user who owns the crontab?
I see no credible reason to run it as root.  This is fairly simple
as do_command and cron_popen are only used to send mail anyway.

Doing sanity checks on your input is all well and good but there's
no guarantee you will catch everything.

 - todd

Next message: Todd C. Miller: "Re: [RHSA-1999:030-01] Buffer overflow in cron daemon"
Previous message: Peter W: "Re: IE and cached passwords"
Maybe in reply to: Bill Nottingham: "[RHSA-1999:030-01] Buffer overflow in cron daemon"
Next in thread: Todd C. Miller: "Re: [RHSA-1999:030-01] Buffer overflow in cron daemon"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:59:33 PDT