Re: [Exim] What to do about non-monitonic process ids

Góra strony
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
Dla: Sheldon Hearn
CC: exim-users
Temat: Re: [Exim] What to do about non-monitonic process ids
On Wed, 5 Feb 2003, Sheldon Hearn wrote:

> A local user can fool Exim into overwriting any group mail owned file on
> the filesystem if
>
> a) the user can write to a directory in which Exim tries to write a
>    file,
> b) Exim tries to write that file with a predictable filename,
> c) Exim uses a predictable filename, and
> d) Exim accidentally follows a symlink.


True. That's exactly why Exim forbids symlinks for single-file
mailboxes, which of course have predictable (= fixed) file names.

But for maildir deliveries, Exim insists on writing a new file (by using
O_CREAT). So I don't see that it matters whether the name is
predictable or not.

> The use of unpredictable filenames would be an added level of protection
> against programming mistakes.


You mean like forgetting to use O_CREAT?

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.