>> without making kernel changes. As for the case where you do have hostile
>> users, they still need to find a way to crash sendmail before putting in
>
>Just wait until it becomes unavailable. I have seen too many services
>crashing on production machines that this just makes me nervous.
>
>(Btw. for any services started from inetd there is a trivial way to
>shut them down.)
>
Is this trivial way doable by a normal user? If so then this is a serious
security bug. If this trick is only doable by root then the mail is already
as good as stolen. And if a normal user is able to shutdown inetd deamons
then wouldn't he still have to free the port from its usage by inetd?
>> their replacement (and learning what port to put it on, all other
machines
>> think they are talking to port 25)
>
>With the transproxy trick you can look the redirections up in /proc.
>
Could proper permissions on /proc solve this?
>olaf
>
>
>-
>To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>the body of a message to majordomo@vger.rutgers.edu
>Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/