- Mark Delany <[EMAIL PROTECTED]>:

| At 09:33 PM 2/3/99 +0100, Harald Hanche-Olsen wrote:
| >- Chris Johnson <[EMAIL PROTECTED]>:
| >
| >| Why does qmail object to the execute bit being set? I don't know.
| >
| >Security:  It's meant for .qmail files that might be automatically
| >edited, for example by a mailing list manager.  Even if an attacker
| >manages to sneak in a program delivery in the .qmail file, this
| >feature will stop him from exploiting it.
| 
| I'm not quite sure I understand the second part of that, but
| certainly the first part about it providing a simple locking
| mechanism is how it was used by qlist.

No; qlist locked .qmail-list-request in order to avoid several copies
of qlist stomping on the .qmail-list file at the same time.  The man
page further stated:

       qlist automatically sets the execute bit on qmail-list, so
       qmail-local  will  ignore any program or file instructions
       in qmail-list.

The point being that if a user could somehow coerce qlist into putting
the line

|rm -fr *

into .qmail-list, it still would not do any harm (unless the list
owner turned off the execute bit without checking the file).

- Harald
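
The check implied by the last paragraph (look at the file before clearing the execute bit), as an added example that is not part of the original message or of qmail's own code. The names `classify`, `audit` and `demo`, the verdict strings and the sample file are hypothetical, and the script assumes the owner execute bit is the one qmail-local tests.

```python
import os
import stat
import tempfile

# Constructed sample: one forward line plus the program line from the message
# above. It is only read as text here, never executed.
SAMPLE = "# constructed sample list file\n&subscriber@example.org\n|rm -fr *\n"

def classify(line):
    """Classify a .qmail line by its first character (dot-qmail syntax)."""
    if not line.strip():
        return "blank"
    first = line[0]
    if first == "#":
        return "comment"
    if first == "|":
        return "program"
    if first in "/.":
        return "file"      # mbox or maildir delivery
    return "forward"       # "&addr" or a bare address

def audit(path):
    """Return (guarded, risky_lines, verdict) for one .qmail file."""
    # Assumption: the owner execute bit is the one qmail-local looks at.
    guarded = bool(os.stat(path).st_mode & stat.S_IXUSR)
    with open(path, errors="replace") as fh:
        risky = [(n, text) for n, text in enumerate(fh.read().splitlines(), 1)
                 if classify(text) in ("program", "file")]
    if risky:
        verdict = "clean-before-chmod" if guarded else "deliveries-active"
    else:
        verdict = "forward-only" if guarded else "unguarded"
    return guarded, risky, verdict

def demo():
    """Audit the constructed sample with the execute bit set, then cleared."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, ".qmail-list")
        with open(path, "w") as fh:
            fh.write(SAMPLE)
        os.chmod(path, 0o700)
        with_x = audit(path)
        os.chmod(path, 0o600)
        without_x = audit(path)
    return with_x, without_x

if __name__ == "__main__":
    for guarded, risky, verdict in demo():
        print(f"x-bit={guarded} verdict={verdict} lines={risky}")
```

A `clean-before-chmod` verdict is the case from the parenthetical above: the execute bit is still on, but the file holds program or file lines that should be removed before anyone turns it off.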
