Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!unmvax!ncar!tank!nic.MR.NET!hal!ncoast!allbery From: allbery@ncoast.UUCP (Brandon S. Allbery) Newsgroups: comp.unix.wizards Subject: Re: Predictable Message-ID: <13194@ncoast.UUCP> Date: 1 Dec 88 00:15:35 GMT References: <17464@adm.BRL.MIL> <120@minya.UUCP> <13170@ncoast.UUCP> <4271@encore.UUCP> Reply-To: allbery@ncoast.UUCP (Brandon S. Allbery) Followup-To: comp.unix.wizards Organization: Cleveland Public Access UN*X, Cleveland, Oh Lines: 41 As quoted from <4271@encore.UUCP> by bzs@encore.com (Barry Shein): +--------------- | From: allbery@ncoast.UUCP (Brandon S. Allbery) | >...But the network entry point to sendmail is | >via a particular Internet port; while a random user cannot alter the shell | >for another user in /etc/password and cannot replace /usr/lib/uucp/uucico | >with another program (or so we hope), if the SMTP port weren't root-only | >*any* user could arrange for their own program to listen on the SMTP port | >and wreak all kinds of havoc on other systems. Or at minimum could read | >anyone's incoming net mail. Fun, eh? | | In the first place that's one big *IF* (*IF* the SMTP port weren't | root-only...) If a user can bypass root security on the system why is | your main concern that they might intercept someone's incoming mail? | Of course they can, they can just 'cat /usr/spool/mail/yournamehere' | and delete what they want etc, why bother with the SMTP port? +--------------- The question was why the SMTP port *was* root-only. +--------------- | And what kind of havoc exactly can someone wreak on other systems by | listening for incoming mail connections? I mean something peculiar to | this ability and, what the hell, something they can't do otherwise via | root permissions since that's a pre-requisite. +--------------- Sorry. Dumb mistake. It didn't occur to me until a few days ago, in conjunction with a *different* network protocol, that there was no reason for SMTP commands to be bidirectional. (I.e. the fact that you can transmit SMTP *commands* to a program listening on port 25 doesn't mean that the receiving program can then transmit another SMTP command [e.g. DEBUG] *back*.) ++Brandon -- Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X uunet!hal.cwru.edu!ncoast!allbery ncoast!allbery@hal.cwru.edu allberyb@skybridge.sdi.cwru.edu allbery@uunet.uu.net comp.sources.misc is moving off ncoast -- please do NOT send submissions direct Send comp.sources.misc submissions to comp-sources-misc@.