Re: [Exim] What to do about non-monotonic process ids

Author: Sheldon Hearn
Date:  
To: Philip Hazel
CC: exim-users
Subject: Re: [Exim] What to do about non-monotonic process ids
On (2003/02/05 10:30), Philip Hazel wrote:

> > > I don't think filenames need to be unpredictable in Exim.
> >
> > So when Exim delivers a message locally into a Maildir format mailbox,
> > it takes care not to follow a symlink, yes? :-)
>
> What am I missing here? What has unpredictable file names got to do with
> symlinks?


A local user can fool Exim into overwriting any group mail owned file on
the filesystem if

a) the user can write to a directory in which Exim tries to write a
file,
b) Exim tries to write that file with a predictable filename,
c) Exim uses a predictable filename, and
d) Exim accidentally follows a symlink.

The use of unpredictable filenames would be an added level of protection
against programming mistakes.

Ciao,
Sheldon.
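
The two layers discussed in this message, exclusive creation that refuses to follow a symlink and an unpredictable filename on top of it, as an added example that is not part of the original message and is not Exim's code. The helper names `create_new_file`, `random_name` and `create_unpredictable` are hypothetical, and a POSIX.1-2008 system with `/dev/urandom` is assumed.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not Exim code. Creates `name` inside directory `dirfd`.
 * O_CREAT|O_EXCL fails with EEXIST if anything, including a symlink (even a
 * dangling one), already sits at that name, so a planted link is never
 * followed. O_NOFOLLOW is a second guard on the final path component. */
int create_new_file(int dirfd, const char *name)
{
    return openat(dirfd, name,
                  O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC,
                  S_IRUSR | S_IWUSR);
}

/* Write 32 hex digits taken from /dev/urandom into `out` (needs 33 bytes).
 * Returns 0 on success, -1 on failure. */
int random_name(char *out, size_t outlen)
{
    unsigned char buf[16];
    size_t got = 0;
    if (outlen < 2 * sizeof buf + 1)
        return -1;
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    while (got < sizeof buf) {
        ssize_t n = read(fd, buf + got, sizeof buf - got);
        if (n <= 0) { close(fd); return -1; }
        got += (size_t)n;
    }
    close(fd);
    for (size_t i = 0; i < sizeof buf; i++)
        snprintf(out + 2 * i, 3, "%02x", buf[i]);
    return 0;
}

/* Unpredictable name plus exclusive create; a name collision just retries. */
int create_unpredictable(int dirfd, char *name, size_t outlen)
{
    for (int tries = 0; tries < 8; tries++) {
        if (random_name(name, outlen) != 0)
            return -1;
        int fd = create_new_file(dirfd, name);
        if (fd >= 0 || errno != EEXIST)
            return fd;
    }
    return -1;
}
```

With the exclusive create in place, a symlink already sitting at the chosen name produces `EEXIST` and the link target is left untouched; the random name only reduces the chance that such a link exists at all.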