Security hole in smail 2.3's handling of ~/.forward
levy at ttrdc.UUCP
levy at ttrdc.UUCP
Sun Feb 22 16:36:42 AEST 1987
In article <3150 at osu-eddie.UUCP>, karl at osu-eddie.UUCP writes:
>The posting of smail 2.3 has a large security hole in mail delivery
>with regard to the use of ~/.forward files.
>
>[code]
>
>This is not sufficiently careful. It has not checked for things like
>.forward being writable a non-owner of the file, a transparent
>security hole. I also recommend that checks be done on the home
>directory to see that it, too, is writable only by the owner, lest
>some cracker "give" you a .forward file, and suddenly you stop getting
>mail without knowing why.
>--
>Karl
And not only check the home directory, but the one above it, and the one
above that, etc.... (gee you can have such fun if some careless sysadmin
leaves / world writeable).
--
------------------------------- Disclaimer: The views contained herein are
| dan levy | my own and are not at all those of my em-
| an engihacker @ | ployer or the administrator of any computer
| at&t computer systems division | upon which I may hack.
| skokie, illinois |
-------------------------------- Path: ..!{akgua,homxb,ihnp4,ltuxa,mvuxa,
allegra,ulysses,vax135}!ttrdc!levy
More information about the Comp.sources.bugs
mailing list