Re: majordomo 1.94.5 does not fix all vulnerabilities

From: Dave Barr (barrat_private)
Date: Tue Jan 25 2000 - 06:54:39 PST

Next message: jdglaser: "Re: Windows 2000 Run As... Feature"

Previous message: Tim Yardley: "multicasts from hell"
Maybe in reply to: Brock Sides: "majordomo 1.94.5 does not fix all vulnerabilities"
Next in thread: Olaf Kirch: "Re: majordomo 1.94.5 does not fix all vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Brock Sides wrote:
> Whereas majordomo 1.94.5 does fix the bug in resend, discovered by Brock
> Tellier, that permits execution of arbitrary code as user majordomo, it
> apparently does not fix the other bug in the script majordomo, that
> permits execution of arbitrary config files as user majordomo:

While people need to certainly be made clear of this, this is entirely
intentional.

The cleanest fix to the problem of the majordomo programs running
arbitrary code as the majordomo user/group is to fix the permissions
of the wrapper so it is mode o-rx.  (or that the Majordomo home
directory is mode mode 750)  Any other proposed solutions were
fraught with race conditions, partial fixes, and just plain uglinesses.

This is clearly explained in the INSTALL document in 1.94.5 and
re-emphasized on the Majordomo FAQ.

--Dave
Majordomo FAQ maintainer

Next message: jdglaser: "Re: Windows 2000 Run As... Feature"
Previous message: Tim Yardley: "multicasts from hell"
Maybe in reply to: Brock Sides: "majordomo 1.94.5 does not fix all vulnerabilities"
Next in thread: Olaf Kirch: "Re: majordomo 1.94.5 does not fix all vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:31:23 PDT