security holes in mail
utzoo!decvax!ucbvax!unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Fri Sep 11 00:10:27 AEST 1981
>From decvax!duke!unc!smb at Berkeley Fri Sep 11 00:03:32 1981
In-real-life: Steven M. Bellovin
Location: University of North Carolina at Chapel Hill
ucbmail would seem to have several security holes regarding people
who mail to pipes or files over a network. delivermail will blithely
open files, invoke csh, etc., running as whoever invoked it. If that's
a network server -- well, it's too bad, isn't it....
More information about the Comp.unix.wizards
mailing list