Re: [exim-dev] potential exploitation vector

Top Page

Reply to this message
Author: Yuri Arabadji
Date:  
To: exim-dev
CC: Phil Pennock
Subject: Re: [exim-dev] potential exploitation vector
Hi, Phil.

Wow, indeed, going to bug CPanel guys then.

Thank you so much for explaining!


On Thursday 04 November 2010, Phil Pennock wrote:
> On 2010-11-04 at 01:07 +0200, Yuri Arabadji wrote:
> > Hello, Phil.
> >
> > Thanks for your time spent on replying to my message. Let me take another
> > portion of it ;)
> >
> > The specific exim's build I'm using is deployed on many hosting servers
> > across the internet and it would be quite bad if this turns out to be an
> > actual bug:
> > http://diff.cpanel.net/exim/4.69-23.1/src/exim-4.69-23.1_cpanel_maildir.s
> >rc.rpm
> >
> > EXIM_USER is mailnull. exim -bP exim_user outputs mailnull.
> >
> > uid=47(mailnull) gid=47(mailnull) groups=47(mailnull)
> >
> > Please see the attached traces and especially the line
> > "Let's see what UIDs we've got" in exim.daemon.log.
> >
> > This is an almost unmodified CPanel exim installation. I'm attaching
> > everything relevant. It would be wonderful if you could explain what's
> > going on there and whether that is the expected behavior.
>
> You're quite right, I was mis-remembering the defaults of Exim. My
> apologies.
>
> We should probably look at changing the default value of
> system_filter_user.
>
> -Phil



--
Best regards,
Yuri Arabadji -- System Engineer