[4359] in bugtraq

Re: Smashing the Stack: prevention?

daemon@ATHENA.MIT.EDU (Russell Coker)
Mon Apr 28 19:53:12 1997

Date: 	Mon, 28 Apr 1997 19:04:52 +1100
Reply-To: bofh@SNOOPY.VIRTUAL.NET.AU
From: Russell Coker <bofh@SNOOPY.VIRTUAL.NET.AU>
X-To:         "Thomas H. Ptacek" <tqbf@ENTERACT.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <199704280442.XAA21100@enteract.com>

>> 1.  'you gotta change the code'

>These are just plugs in the bursting dike. The problem is not that
>privileged code is insecure. The problem is that there is too much
>privileged code.

  I agree.  For example I'd like to know why almost everyone runs sendmail
as root.  It seems that Sendmail has more security holes than most other
server software for the UNIX platform combined, yet it gets run with the
highest privilege level!  I've got Sendmail running on my servers without
any root access.  Here's a web page explaining what I did:

http://www.virtual.net.au/~rjc/sendmail.html

  If you have any suggestions to improve my Sendmail setup then please let
me know.


Russell Coker
