sendmail OR hole?
stanonik at nprdc.navy.mil
stanonik at nprdc.navy.mil
Fri Jun 28 06:22:00 AEST 1991
As distributed sunos4.1.1 seems to allow forging mail. The
distributed sendmail.cf has an OR line, which seems to allow
anyone to use the -f flag on clients nfs mounting /usr/spool/mail.
We're running a relatively stock system, so I don't believe
we've contributed to this problem.
We stumbled upon this because of an apparent gnu emacs bug
which was turning the CC line into the sender; ie, replies
were coming from the person being replied to. Amusing but
confusing.
Ron Stanonik
stanonik at nprdc.navy.mil
More information about the Comp.sys.sun
mailing list