Re: [exim-dev] [PATCH 2/3] Don't allow a configure file whic…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MAndreas Metzler at <-
MDavid Woodhouse at ->
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Andreas Metzler, exim-dev
Subject: Re: [exim-dev] [PATCH 2/3] Don't allow a configure file which iswriteable by the Exim user or group
Thanks for the feedback. I'll fix that and push later this evening.

With that done, I think the biggest issue with privilege escalation is mostly dealt with. An attacker can't make their own config file; they'd have to find a root-owned file lying around which looked enough like an Exim config and did something stupid.

It's not a panacea; we do want to kill ALT_CONFIG_ROOT_ONLY too and do some kind of whitelist of trusted configs. But it's a large part of the answer.

--
dwmw2

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] [Bug 1044] CVE-2010-4345 exim privilege escalationRe: [exim-dev] Remote root vulnerability in Exim->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)