Stig Hackv�n wrote: qmail invokes commands with /bin/sh regardless of the user's login shell, so even if a user has /bin/false for a shell, that user's .qmail file can be used to gain shell access. And how does someone with /bin/false as their shell put commands in their .qmail files? i consider this to be a qmail bug. I consider it a site-specific administrative problem.
- big fat qmail-command hole Stig Hackv�n
- Re: big fat qmail-command hole Faried Nawaz
- Re: big fat qmail-command hole Russell Nelson
- Re: big fat qmail-command hole Faried Nawaz
- Re: big fat qmail-command hole petervd
- Re: big fat qmail-command hole Stig Hackv�n
- Re: big fat qmail-command hole Phil Genera
- Re: big fat qmail-command hole Magnus Bodin
- Re: big fat qmail-command hole Russ Allbery
- Re: big fat qmail-command hole Russ Allbery
