[934] in linux-security and linux-alert archive
No subject found in mail header
daemon@ATHENA.MIT.EDU (owner-linux-security@tarsier.cv.nr)
Fri Jul 19 16:56:04 1996
From: owner-linux-security@tarsier.cv.nrao.edu
Date: Fri, 19 Jul 1996 15:40:39 -0400
Apparently-To: linux-security-blaster@tarsier.cv.nrao.edu
Forwarded message:
Date: Fri, 19 Jul 1996 10:24:10 -0400
Message-Id: <199607191424.KAA15654@tarsier.cv.nrao.edu>
To: linux-security-approval@tarsier.cv.nrao.edu
From: owner-linux-security@tarsier.cv.nrao.edu
Subject: [linux-security] BOUNCE linux-security@linux.nrao.edu: Approval required
Sender: owner-linux-security@linux.nrao.edu
Precedence: list
>From juphoff@tarsier.cv.nrao.edu Fri Jul 19 10:24:09 1996
Received: from us1 ([128.160.11.6]) by tarsier.cv.nrao.edu (8.6.13/$Revision: 2.9 $) with ESMTP id KAA15650; Fri, 19 Jul 1996 10:23:55 -0400
Received: (from pollard@localhost) by us1 (950511.SGI.8.6.12.PATCH526/8.6.10) id JAA04435 for linux-security@tarsier.cv.nrao.edu; Fri, 19 Jul 1996 09:24:32 -0500
Date: Fri, 19 Jul 1996 09:24:32 -0500
From: R.E.Wolff@BitWizard.nl (Rogier Wolff)
Message-Id: <199607191424.JAA04435@us1>
To: linux-security@tarsier.cv.nrao.edu
Subject: Re: [linux-security] sendmail security issues
In-Reply-To: Mail from 'rdm@tad.micro.umn.edu'
dated: 17 Jul 1996 14:17:36 -0000
>accessing recipient's ~/.forward files would also be best handled by
>a separate delivery program that runs under the user's uid. :include:
>file handling is purely an abstraction and should be run under the
>proper uid for whatever file it's included from.
Jesse Pollard responded to say that this is a performance problem.
Sendmail tries to optimize things like remove duplicates.
Roger.
--
/* EMail: R.E.Wolff@BitWizard.nl */ int main (int argc,char**argv){
/* Tel: +31-15-2137459 */ if (*++argv&&!strcmp(*argv,"-advice"))
/* WWW: http://www.BitWizard.nl/ */ {printf("Don't Panic!\n");exit(42);}}