Re: [Exim] Problem with -Meb environment being destroyed

Top Page

Reply to this message
Author: Philip Hazel
To: Nigel Metheringham
CC: Exim Users
Subject: Re: [Exim] Problem with -Meb environment being destroyed
On Fri, 26 May 2000, Nigel Metheringham wrote:

> Ugh... thats a good point... I wonder if a LD_PRELOAD attack could be
> used against a user supplied non-setuid forward piped program. I know
> a setuid prog won't *honour* these itself, but if its not setuid
> children do you can still subvert someone elses UID from a local
> account.

First point: Programs run by Exim's pipe transport have never passed on
the environment. They have always constructed their own, as documented.
Same is true for queryprogram (it has *no* environment).

Second point: for Exim itself, this worry was part of the original
thinking behind the environment flattening. But now I find all kinds of
things that "need" to be left there. I fear that this is going to be a
different list on different OS, and that less knowledgeable users are
going to find it a real tar pit to understand and fiddle with.

Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.