On Fri, 2006-03-24 at 14:14 +0000, Stuart Henderson wrote: > The patch is in 3.8-stable now, and -current has 8.13.6, so > people following either of these just need to update. >
I run sendmail under systrace (OpenBSD 3.8) and a couple of weeks ago (sometime after the exploit was initially reported) I started getting this in my logs: Mar 13 13:29:15 example systrace: deny user: root, prog: /usr/libexec/sendmail/sendmail, pid: 24218(1)[21120], policy: /usr/libexec/sendmail/sendmail, filters: 161, syscall: native-connect(98) Admittedly, not much to go on. Normal mail was getting through fine, so I didn't adjust my systrace policy, but instead decided to wait. I am very particular on who and what sendmail can connect, so I wasn't going to to just 'permit' all native-connect calls. After upgrading sendmail to 3.8 STABLE last night, systrace hasn't reported these errors again. FYI... Jamie Strandboge
