>
>
>>
>>Hello again all,
>>
>> SunOS sendmail. Apparently there are some holes in it that allow a
>>potential cracker to gain root privilidge on the host system, and install
>>password sniffers etc.
>There are so many of such wide variety that it becomes tough to keep
>track of them all.
>
>among them:
>syslog buffer overflow gives root access
>executing local mailer in a certain way gives root access
>probably a race condition or two.
In one of the Internet Mail services I log in the ordinary user can just
read all the mail sent to the root. Is the Root Mail box is normally kept
like that other systems or it was a configuration negligence by the systems
people ?
command to read that mail to root is
when this command is given by the normal user
cat /var/mail/root
Then You can read all the mail send to the root .
Can somebody clarify ?
GSC Prabhakar.
****************************************************************************
*****
" Wishing You a very Merry Christmas and Prosperous New Year 1996"
G.S.C.Prabhakar (gscpraba @
emirates .
net .
ae)
Internet Consultant & Trainer-
P.O.Box 72432
Abu Dhabi.
United Arab Emirates.
Pager : 91-555-304
****************************************************************************
*******
|
|
