Re: [Exim] exim & intetd

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Philip Hazel
Fecha:  
A: Kai Henningsen
Cc: exim-users
Asunto: Re: [Exim] exim & intetd
On 9 Jan 2002, Kai Henningsen wrote:

> > Does anybody have any good ideas for detecting "called from inetd"?
>
> Why do you *need* that?
>
> > "stdin is a socket" on its own is not good enough - any user could set
> > that up.
>
> And why is that a problem?
>
> Seems to me Exim should react the same to "I'm being fed mail via a pre-
> connected socket" regardless who did it.



This would mean that a user could run a program which listened on some
non-privileged port, waited for a connection, and passed it on to Exim.
Exim would behave as if called from inetd, doing the host checking etc.

This means that an unprivileged user could open up the server to
non-privileged ports. I think this is probably a bit of a security
exposure that some people would not like.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.