Re: majordomo local exploit

To: BUGTRAQ@xxxxxxxxxxxxxxxxx
Subject: Re: majordomo local exploit
From: Chan Wilson <cwilson@xxxxxxxxxxx>
Date: Fri, 7 Jan 2000 16:27:32 +0100
Approved-by: aleph1@SECURITYFOCUS.COM
Delivered-to: bugtraq@lists.securityfocus.com
Delivered-to: bugtraq@securityfocus.com
Reply-to: Chan Wilson <cwilson@xxxxxxxxxxx>
Sender: Bugtraq List <BUGTRAQ@xxxxxxxxxxxxxxxxx>

>   The following patch, built upon code and suggestions submitted by
> Henrik Edlund, Henrik Nordstrom, and Andrew Brown, is intended to render
> safe the config file requires, in the seven scripts which use them, in
> the Majordomo 1.94.4 home directory. It also incorporates Todd Miller's
> patch of Dec. 29.

This doesn't address the problem on Unixen that allow one to 'give
away' files.  Nor is it compatible with the philosophy that majordomo
1.x should continue to run under perl4.

The proper fix appears to be simply 'chmod 0750 wrapper', perhaps
along with setting the group owner of wrapper to the same as the MTA.

And, of course, restricting access to the majordomo server.

--Chan
	majordomo maintainer.

Prev by Date: Re: [Hackerslab bug_paper] Solaris chkperm buffer overflow
Next by Date: PalmCrack - The password testing tool for the Palm Computing Platform
Previous by thread: Re: majordomo local exploit
Next by thread: HPUX Aserver revisited.
Index(es):
- Date
- Thread