Great Circle Associates Majordomo-Users
(December 1996)
 


Subject: Re: concern about wrapper and setuid bit
From: Jason L Tibbitts III <tibbs @ hpc . uh . edu>
Date: 08 Dec 1996 19:20:46 -0600
To: Ronald Hahm <hahm @ cedarnet . org>
Cc: majordomo-users @ GreatCircle . COM
In-reply-to: Ronald Hahm's message of Sun, 08 Dec 1996 17:34:25 -0600
References: <1.5.4.32.19961208233425.008fd988@mail.cedarnet.org>

>>>>> "RH" == Ronald Hahm <hahm@cedarnet.org> writes:

RH> Is it supposed to be configured such that wrapper has its setuid bit
RH> turned on and ownership to root?

It must be such, except on some non-POSIX systems.  The MTA does not run
spawned processes as the majordomo user; instead it runs them either as
root, daemon, or the sending user (if local).  You absolutely have to have
a setuid mechanism in place.

RH> I am concerned about the potential security hole that this creates? 

Well, the source code is short, so go look at it.  It changes UID
immediately, destroys the calling environment and limits the executables to
a single directory.  I don't think there's anything else that can be done
to improve its security, although you are welcome to try to find holes.

 - J<
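
The three measures named in the message above (change UID immediately, discard the calling environment, restrict executables to a single directory), as an added C sketch of the pattern; it is not Majordomo's wrapper source and not part of the original message. BIN_DIR, RUN_UID, RUN_GID and the function names are hypothetical.

```c
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define BIN_DIR "/opt/listmgr/bin" /* hypothetical: the one allowed directory */
#define RUN_UID 1001               /* hypothetical unprivileged uid */
#define RUN_GID 1001               /* hypothetical unprivileged gid */

/* Fixed environment for the child; nothing from the caller is passed on. */
static char *const clean_env[] = { "PATH=/bin:/usr/bin", "HOME=" BIN_DIR, NULL };

/* Drop to uid/gid for good: groups first, user last, then confirm that
 * root cannot be regained. Returns 0 on success, -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    return (uid != 0 && setuid(0) == 0) ? -1 : 0;
}

/* Build BIN_DIR/name in out. Returns -1 for names that could leave BIN_DIR
 * (any '/', a leading '.') or that do not fit in the buffer. */
int resolve_program(const char *name, char *out, size_t outlen)
{
    if (name == NULL || name[0] == '\0' || name[0] == '.' || strchr(name, '/'))
        return -1;
    int n = snprintf(out, outlen, "%s/%s", BIN_DIR, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(int argc, char **argv)
{
    char path[512];

    if (drop_privileges(RUN_UID, RUN_GID) != 0) { /* first, before parsing input */
        fprintf(stderr, "wrapper: cannot change uid/gid\n");
        return 1;
    }
    if (argc < 2 || resolve_program(argv[1], path, sizeof path) != 0) {
        fprintf(stderr, "wrapper: program name refused\n");
        return 1;
    }
    execve(path, argv + 1, clean_env); /* argv[0] of the child is the bare name */
    perror("wrapper: execve");
    return 1;
}
```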

