DON'T USE 'FU/usr/lib/uucp/L.sys' in sendmail.cf

Neil Rickert rickert at mp.cs.niu.edu
Thu Apr 4 00:21:43 AEST 1991


In article <3250 at charon.cwi.nl> piet at cwi.nl (Piet Beertema) writes:
>
>	As stated earlier, it is potentially dangerous to use 'F' lines in
>	sendmail.cf to read sensitive files, such as /usr/lib/uucp/L.sys
>	(or whatever your UUCP systems file is called).
>Depends. If you're running 5.64 or older *and* if
>you do *not* have
>#define SCANF 	1
>in your conf.h, then indeed sensitive information
>can end up in your frozen config file.

  In my original posting, I warned that making the freeze file mode 600 is
not a guaranteed protection, since a core dump will also contain a copy of
the sensitive information.

  A number of people have suggested that a core dump is impossible, since
sendmail runs with an effective uid of root, so cannot be sent a core dumping
signal.  This, however, is erroneous.  Normally sendmail begins with an
effective uid of root, but it can change its uid during processing.  In
particular there are many choices of command line parameters which will cause
sendmail to relinquish its suid privileges after it has read its
configuration.

-- 
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
  Neil W. Rickert, Computer Science               <rickert at cs.niu.edu>
  Northern Illinois Univ.
  DeKalb, IL 60115                                   +1-815-753-6940
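As an added example (not part of this thread or of sendmail itself), a small audit script that finds the 'F' lines in a sendmail.cf which load a class from a file, flags those reading sensitive files such as L.sys, and reports whether a frozen configuration file is readable by group or others. It assumes the 5.x line syntax "F<class><path> [scanf-format]" with a default format of "%s"; the sensitive-file list and the sample sendmail.cf fragment are constructed for the demonstration.

```python
import os
import re
import stat

# "F<class><path> [format]": the path ends at the first whitespace and the
# optional remainder is a scanf(3) format (assumption: sendmail 5.x syntax).
F_LINE = re.compile(r"^F(?P<cls>\S)(?P<path>\S+)(?:\s+(?P<fmt>\S.*))?$")

# Files whose contents should never be copied into a class, and hence into a
# frozen configuration or a core dump. Constructed list; extend for your site.
SENSITIVE_FILES = frozenset({
    "/usr/lib/uucp/L.sys",    # UUCP systems file: hosts, logins, passwords
    "/usr/lib/uucp/Systems",  # HDB UUCP equivalent of L.sys
    "/etc/passwd",
})

def find_file_classes(cf_text):
    """Return (class, path, format) for every F line that reads a file."""
    found = []
    for raw in cf_text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("#"):
            continue
        m = F_LINE.match(line)
        if m:
            found.append((m.group("cls"), m.group("path"), m.group("fmt") or "%s"))
    return found

def flag_sensitive(entries, sensitive=SENSITIVE_FILES):
    """Return the F-line entries whose file is on the sensitive list."""
    return [e for e in entries if e[1] in sensitive]

def mode_exposes_contents(mode):
    """True if group or others may read the file (e.g. a freeze file not mode 600).
    Note that 600 still does not protect the contents against a core dump."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))

def freeze_file_exposed(path):
    """Stat a frozen config file (e.g. sendmail.fc); None if it does not exist."""
    try:
        return mode_exposes_contents(os.stat(path).st_mode)
    except FileNotFoundError:
        return None

# Constructed sendmail.cf fragment for the demonstration.
SAMPLE_CF = "# class definitions\nCwMYHOST\nFw/usr/lib/sendmail.cw\n" \
            "FU/usr/lib/uucp/L.sys %s\nFS/etc/passwd\nDjMYHOST.example\n"

if __name__ == "__main__":
    for cls, path, fmt in flag_sensitive(find_file_classes(SAMPLE_CF)):
        print(f"class {cls} reads sensitive file {path} (format {fmt!r})")
```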