Unfortunately, the Systems file contains more than just host entries on each line:
linda Any ACU 2400 5551212 "" \d\n in:-\r-in: Uourhost word: MublyPeg
hoby Any ACU 2400 5551213 "" \d\n in:-\r-in: Uourhost word: FuMzz3.x
A part of each line (the last item in each) contains nonencrypted passwords. Prior to
V8.12, an unscrupulous user, noticing the mistaken [^#] in the configuration file,
could run sendmail with a -d36.5 debugging switch and watch each password being
processed. For example:
% /usr/lib/sendmail -d36.5 -bt < /dev/null
... some output deleted
STAB: hoby 1 entered
STAB: Any 1 entered
STAB: ACU 1 entered
STAB: 2400 1 entered
STAB: 5551213 1 entered
STAB: "" 1 type 1 val 0 0 200000 0
STAB: \d\n 1 entered
STAB: in:-\r-in: 1 entered
STAB: Uourhost 1 entered
STAB: word: 1 entered
STAB: FuMzz3.x 1 entered          <- note
STAB: local 3 type 3 val 34d00 0 0 0
STAB: prog 3 type 3 val 34d80 0 0 0
Note the third line from the bottom, where the password for the UUCP login into
the host hoby is printed. Also note that this is no longer possible with V8.12 and
above if sendmail is installed as non-set-user-id as recommended.
This example illustrates two rules about handling the configuration file:
• Avoid using the F command to read a file that is not already publicly readable. To do so can reveal sensitive information.
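As an added example (not code from the book or from sendmail), the following Python script models what an F command would enter into the symbol table from a Systems file under the default %s scanf pattern versus the mistaken %[^#] pattern, and applies the readability rule above; the sample lines, the hosts, the passwords and the check_f_command helper are all constructed for illustration.

```python
import os
import stat

# Constructed sample Systems lines (hypothetical hosts and fake passwords, modelled on the text).
SYSTEMS_SAMPLE = """\
# UUCP Systems file: host type device speed phone chat-script ... password
linda Any ACU 2400 5551212 "" \\d\\n in:-\\r-in: Uourhost word: MublyPeg
hoby Any ACU 2400 5551213 "" \\d\\n in:-\\r-in: Uourhost word: FuMzz3.x
"""

def class_words(line, pattern="%s"):
    """Approximate what an F command adds to its class from one line.
    Only the two scanf patterns the text contrasts are modelled: the default
    "%s" (first whitespace-delimited word) and the mistaken "%[^#]" (everything
    up to a '#', which sendmail then splits into separate words)."""
    if pattern == "%s":
        return line.split(None, 1)[:1]
    if pattern == "%[^#]":
        return line.split("#", 1)[0].split()
    raise ValueError("unsupported scanf pattern: " + pattern)

def loaded_words(text, pattern="%s"):
    """All words the F command would enter into the symbol table (STAB)."""
    words = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue  # blank and comment lines are skipped
        words.extend(class_words(line, pattern))
    return words

def leaked_fields(text, pattern):
    """Words beyond the host names that PATTERN loads and that -d36.5 tracing
    would therefore print, e.g. the trailing passwords."""
    hosts = set(loaded_words(text, "%s"))
    return [w for w in loaded_words(text, pattern) if w not in hosts]

def check_f_command(path, pattern="%s", mode=None):
    """Warnings for one F command; MODE overrides os.stat so the check can run
    without the file existing (assumed helper signature, not sendmail's)."""
    warnings = []
    if pattern != "%s":
        warnings.append(f"{path}: pattern {pattern!r} loads every field, not just host names")
    if mode is None:
        mode = os.stat(path).st_mode
    if not mode & stat.S_IROTH:
        warnings.append(f"{path}: not publicly readable; an F command would expose its contents")
    return warnings

if __name__ == "__main__":
    print(leaked_fields(SYSTEMS_SAMPLE, "%[^#]"))
    print(check_f_command("/etc/uucp/Systems", "%[^#]", mode=0o600))
```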