[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: bug in sendmail?

To: Nick Hill <nikhilwiz@xxxxxxxxx>
Subject: Re: bug in sendmail?
From: Suresh Ramasubramanian <sureshr@xxxxxxxxxxxxxx>
Date: Mon, 12 Jun 2000 23:05:40 +0530
Cc: linux-india-general@xxxxxxxxxxxxxxxxxxxxx
In-reply-to: <20000612094002.A2063@yahoo.com>; from nikhilwiz@yahoo.com on Mon, Jun 12, 2000 at 09:40:02AM +0530
Mail-followup-to: Nick Hill <nikhilwiz@xxxxxxxxx>, linux-india-general@xxxxxxxxxxxxxxxxxxxxx
Organization: Juno Abuse Desk
Reply-to: Suresh Ramasubramanian <sureshr@xxxxxxxxxxxxxx>

Nick Hill saw fit to inform LI that: 

>/usr/lib/sendmail is suid-root by default on SuSE 6.3... i use it for flushing
>my mail queue... can this be exploited? I'm not looking for an exploit, just
>wondering, and what would be the implications?
>
>nikhilwiz@linux:~ > ls -l /usr/lib/sendmail
>lrwxrwxrwx   1 root     root           18 Apr 24 02:40 /usr/lib/sendmail -> /usr/sbin/sendmail

On my solaris box here

~$ ls -l /usr/lib/sendmail
-r-sr-sr-x   1 root     root     3642964 Aug  4  1999 /usr/lib/sendmail

and

~$ ls -l /usr/sbin/sendmail
/usr/sbin/sendmail: No such file or directory

hth
-s
-- 
Suresh Ramasubramanian + sureshr@xxxxxxxxxxxxxx
I went to the race track once and bet on a horse that was so good that
it took seven others to beat him!

References:
- bug in sendmail?
  - From: Nick Hill

Prev by Subject: bug in sendmail?
Next by Subject: bzip2 (Was Re: Re: Bigotry ?? [was --> Re: What is Linux ?])
Previous by thread: bug in sendmail?
Next by thread: accounting software on linux
Index(es):
- Subject
- Thread