Author: Philip Hazel
Date:
To: Nigel Metheringham
CC: Exim Users
Subject: Re: [Exim] Problem with -Meb environment being destroyed

On Fri, 26 May 2000, Nigel Metheringham wrote:
> Ugh... that's a good point... I wonder if a LD_PRELOAD attack could be
> used against a user supplied non-setuid forward piped program. I know
> a setuid prog won't *honour* these itself, but if its not setuid
> children do you can still subvert someone else's UID from a local

First point: Programs run by Exim's pipe transport have never passed on
the environment. They have always constructed their own, as documented.
Same is true for queryprogram (it has *no* environment).

Second point: for Exim itself, this worry was part of the original
thinking behind the environment flattening. But now I find all kinds of
things that "need" to be left there. I fear that this is going to be a
different list on different OS, and that less knowledgeable users are
going to find it a real tar pit to understand and fiddle with.

Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
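
The behaviour described in the message above (a child that is handed a constructed environment, or none at all, instead of the inherited one), as an added example that is not part of the original message and is not Exim's code. The function name, the variable values in `constructed_env`, the use of `/bin/sh` as the child and the preload path are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Run /bin/sh with exactly the environment in envp. Returns 1 if the child
   sees LD_PRELOAD set, 0 if it does not, -1 if the child could not be run. */
static int child_sees_ld_preload(char *const envp[])
{
    char *const argv[] = { "sh", "-c", "test -n \"$LD_PRELOAD\"", NULL };
    int status;
    pid_t pid = fork();

    if (pid < 0) return -1;
    if (pid == 0) {
        /* execve() replaces the environment outright: nothing from the
           parent reaches the child unless it is listed in envp. */
        execve("/bin/sh", argv, envp);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    if (WEXITSTATUS(status) == 0) return 1;
    if (WEXITSTATUS(status) == 1) return 0;
    return -1;
}

/* Constructed values for illustration; not Exim's actual variable list. */
static char *const constructed_env[] = { "PATH=/usr/bin:/bin", "HOME=/", NULL };
/* The "no environment" case the message mentions for queryprogram. */
static char *const empty_env[] = { NULL };

int main(void)
{
    /* Constructed, nonexistent path standing in for a caller-supplied value. */
    setenv("LD_PRELOAD", "/nonexistent/constructed-example.so", 1);
    printf("inherited environment:   %d\n", child_sees_ld_preload(environ));
    printf("constructed environment: %d\n", child_sees_ld_preload(constructed_env));
    printf("empty environment:       %d\n", child_sees_ld_preload(empty_env));
    return 0;
}
```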