Hi Taco, > Michael, I understand your concern, but please be aware that any local user > is able to get root permissions if you leave suidperl suid. Please see: > > http://www.securityfocus.com/archive/1/74168
I'm aware of that issue and have since long done away with the hole riddled "mail" and even upgraded "pine" a few times until I did away with it, too. With missing "mail", "usleep" and reniced suidperl I felt pretty much on the safe side. I have eliminated my need for suidperl suid over the weekend rewriting my application. You know how that goes .... most of the times the need for suid is a lack of proper programming or outright lazyness. ;o) > Being SUID root is not the issue here. Being vulnerable AND being SUID root > is. Therefore I replaced the permissions on suidperl with the ones as the > RaQ/Qube was delivered to you and added two SUID wrapper programs that will > run without any securityproblems. Thanks for the info, Taco. Out of curiosity: where are those wrappers located? In the Neomail directory? -- With best regards, Michael Stauber _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
