Be warned, however, that if a user can get into your machine as ftp, it may be possible
for that user to run another shell, such as csh(1). Thus, in addition to listing a
bogus shell, you might need to take further steps to prevent such access.
4.9 Other Security Information
No single chapter on security can be fully complete. The subject is so complex and
far-ranging that an entire book might not be enough. To augment the information
we have given here, we recommend these other important sources:
http://www.sendmail.org/~gshapiro/
Gregory Shapiro has authored a number of fine papers on sendmail. Of special
interest, as of this writing, is Sendmail Security (based on V8.12), a brief document
that outlines much of what we have talked about in this chapter, and provides
tips we have not covered.
sendmail/SECURITY
The file sendmail/SECURITY is supplied with the sendmail source distribution
and mainly deals with a non-root setup. You should read this file each time you
download a new sendmail release.
http://www.cert.org/
This is the official site for the CERT Coordination Center, which studies Internet
security vulnerabilities, handles computer security incidents, and publishes
security alerts. This is an excellent site for security information, and it allows you
to sign up for a mailing list that can warn you about security incidents.