On Wed, Sep 01, 1999 at 09:08:55PM +0400, Seva Gluschenko wrote: > man sendmail: > /-C > ...skipping... > -Cfile Use alternate configuration file. Sendmail refuses to run > as root if an alternate configuration file is specified. > > and it does, for sure %-). > > Just tested this on different versions of FreeBSD and had no effects > except Mail Delivery message: > > The following address has permanent fatal errors: > -C/tmp/vixie-cf gvs > > So, sendmail _really_ refuses to accept -C key when run as root ??? I haven't looked hard at that exploit, but I know sendmail and that is untrue. When an average (non-root) user tries to use a -C in sendmail, sendmail will drop all its suid privs. You can (mis-)configure sendmail to do stupid things like run an arbitrary program is root -- your average user just can't do that themselves. I had assumed that the whole problem with the vixie-cron exploit was that cron allowed users to invoke sendmail with arbitrary command-line options *as root*, so dropping SUID status doesn't do any good. Sendmail doesn't try to protect the root user from themselves.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:02:12 PDT