Ehud Tenenbaum <analyzerat_private> writes: >We know its just a NULL pointer but since sendmail uses procmail >to alert, and of course snedmail is suid as well it might be a >problem to make the procmail segfault when sendmail calls it >(its a pure idea I didnt take a look on sendmail handling >childs functions yet). > >could be a dengerous ? I doubt it's a problem: sendmail checks the exit status of its children process and understands failures caused by signals, etc. If it _is_ a problem, then procmail is wholly out of the picture, as this exact problem will occur with many signals besides SIGALRM. (As a (long) side note: the only way I know to send a SIGALRM to a setuid process is to exec it directly, leaving an alarm pending past the exec, and even then new enough OSes don't even allow that. It worked under gdb because tracing disables setuid execution, but otherwise I don't know how you would do it. You can send 'tty signals' (INT, QUIT, TSTP, HUP, WINCH, INFO) to setuid processes if it's in one of your sessions. That extends to some other signals (KILL and STOP), at least some of the time, but I don't see how to arbitrarly send other signals to setuid processes.) Philip Guenther guentherat_private Procmail Maintainer -------- Information and opinions expressed above are not those of Sendmail, Inc.
This archive was generated by hypermail 2b30 : Sun Feb 24 2002 - 21:34:20 PST