|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: majordomo local exploit
Subject: Re: majordomo local exploit
From: John Archie (johnarchie
MAIL.EMERALDIS.COM)
Date: Sat Jan 01 2000 - 22:45:20 CST
- Next message: Joakim Karlmark: "Re: More info on MS99-061 (IIS escape character vulnerability)"
- Previous message: Pavel Machek: "Re: strace can lie"
- Next in thread: Olaf Kirch: "Re: majordomo local exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I chgrp'ed the wrapper to mail (the user that sendmail demotes itself to in
order to run the wrapper on my system) and do not allow normal users to
execute the wrapper. Majordomo works fine after the change, but this breaks
anything that feeds input into the majordomo scripts directly that doesn't
have permission to execute the wrapper.
--John
- Next message: Joakim Karlmark: "Re: More info on MS99-061 (IIS escape character vulnerability)"
- Previous message: Pavel Machek: "Re: strace can lie"
- Next in thread: Olaf Kirch: "Re: majordomo local exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sun Jan 02 2000 - 14:32:58 CST