All rights reserved.
170 | Chapter 4: Maintain Security with sendmail
Here, the begin tells uudecode to begin conversion. The 777 is the permissions to give
to the file that will be created. That is followed by the full pathname of the file. If the
queue directory were wrongly owned by daemon, any outsider could create a bogus
queued message at your site.
Some versions of uudecode (suchas the one withSunOS) will create set-user-id files.
That is, a begin line suchas the following can be used to create a set-user-id daemon
shell in /tmp:
begin 4777 /tmp/sh
The decode alias should be removed from all aliases files. Similarly, every alias that
executes a program??”that you did not place there yourself and check completely??”
should be questioned and probably removed.
4.6.1 The Alias Database Files
The aliases(5) file is often stored in dbm(3) or db(3) database format for faster lookups.
The database files live in the same directory as the aliases file. For all versions of
sendmail they are called aliases.dir and aliases.pag for dbm(3), but for V8 sendmail,
only a single database file might exist and be called aliases.db for db(3).
It is useless to protect the aliases(5) file if you do not protect its corresponding database
files. If the database files are not protected, the attacker can create a private
aliases file and then run:
% /usr/lib/sendmail -oA.
Pages:
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330