Path: utzoo!attcan!uunet!husc6!bu-cs!encore!bzs@encore.com
From: bzs@encore.com (Barry Shein)
Newsgroups: comp.unix.wizards
Subject: Re: Predictable
Message-ID: <4271@encore.UUCP>
Date: 24 Nov 88 20:45:43 GMT
References: <17464@adm.BRL.MIL> <120@minya.UUCP> <13170@ncoast.UUCP>
Sender: news@encore.UUCP
Reply-To: bzs@encore.com (Barry Shein)
Organization: Encore Computer Corp
Lines: 26
In-reply-to: allbery@ncoast.UUCP (Brandon S. Allbery)

From: allbery@ncoast.UUCP (Brandon S. Allbery)
>...But the network entry point to sendmail is
>via a particular Internet port; while a random user cannot alter the shell
>for another user in /etc/password and cannot replace /usr/lib/uucp/uucico
>with another program (or so we hope), if the SMTP port weren't root-only
>*any* user could arrange for their own program to listen on the SMTP port
>and wreak all kinds of havoc on other systems.  Or at minimum could read
>anyone's incoming net mail.  Fun, eh?

In the first place that's one big *IF* (*IF* the SMTP port weren't
root-only...) If a user can bypass root security on the system why is
your main concern that they might intercept someone's incoming mail?
Of course they can, they can just 'cat /usr/spool/mail/yournamehere'
and delete what they want etc, why bother with the SMTP port?

And what kind of havoc exactly can someone wreak on other systems by
listening for incoming mail connections? I mean something peculiar to
this ability and, what the hell, something they can't do otherwise via
root permissions since that's a pre-requisite.

I think people are now fully in panic mode and ceasing to make
sense...I really hope this stops soon or people at least try very hard
to be clear about what exactly they are concerned about, it's getting
a tad bit neurotic and chicken-little'ish.

	-Barry Shein, ||Encore||